Welcome to Ashara Lifestyle ! Your privacy is very important to us. That's why we commit ourselves to being transparent about our privacy practices, including the treatment of your personal information.
We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Ashara uses your personal data to process orders, to create a Ashara Lifestyle account for you, and to send you newsletters about our products and offers.
We use external providers to help us process your data, including an email provider and payment processor who are in the USA.
You have a number of rights in respect of your personal data, which we summarise in the policy.
Please contact us at firstname.lastname@example.org if you have any questions.
WHO ARE WE
Ashara GMBH collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
THE PERSONAL INFORMATION WE COLLECT AND USE
We collect the following information about you. References to the basis of processing (e.g. “Basis: Legitimate Interest”) are a reference to the article of the EU General Data Protection Regulation under which we undertake the processing in question.
We collect the following personal information when you provide it to us in the course of ordering products from our site: name, delivery address, billing address and payment details, and your email address. We use this information to fulfil your order.
We collect your email address when you sign up to receive our newsletter. We use this to send you the weekly newsletter.
We collect your email address when you provide it to us to open a Ashara account on our website. We use this open a user account for you on our site.
WHO WE SHARE YOUR INFORMATION WITH
Our website development and hosting partner will have access to your data for the purposes of helping us operate the Ashara Lifestyle website and provide our products to you.
We use Mailchimp, an email service provider to help us send out our newsletters.
We use our payment providers, Stripe and Pay Pal, to provide payment processing services and this involves their using your payment details.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT
We will hold details of your orders for a period of 6 years to help us meet our tax and accounting obligations, and to help you in case you have any questions about your order.
We will retain your email address for the purposes of sending you our newsletter and maintaining your Ashara Lifestyle website account, for a period of 2 years from your last interaction with us.
TRANSFER OF YOUR INFORMATION OUT OF THE EEA
We use Mailchimp, an email service provider located in the USA, to help us send out our newsletters. Stripe, our payment processor, also processes your payment data in the USA.
The USA does not have the same data protection laws as European Economic Area (“EEA”). Whilst the European Commission has not given a formal decision that the USA provides an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to Mailchimp’s and Stripe’s EU-US Privacy Shield certifications. The EU-US Privacy Shield is one of the safeguards under the General Data Protection Regulation that are designed to help protect your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. More information about the EU-US Privacy Shield is here – https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en
If you would like further information regarding Mailchimp’s or Stripe’s use of your data on our behalf, please contact us at email@example.com. We will not otherwise transfer your personal data outside of Europe.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
require us to correct any mistakes in your information which we hold
require the erasure of personal information concerning you in certain situations
receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
object at any time to processing of personal information concerning you for direct marketing
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
object in certain other situations to our continued processing of your personal information
otherwise restrict our processing of your personal information in certain circumstances
If you would like to exercise any of those rights, please:
email us at firstname.lastname@example.org
your Ashara account email address (if you have one),
let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
let us know the information to which your request relates
If you would like to unsubscribe from any [email newsletter] you can also click on the ‘unsubscribe’ button at the bottom of the newsletter.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
HOW TO COMPLAIN
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.
CHANGES TO THIS PRIVACY NOTICE
This privacy notice was last updated on 9TH Oct 2019
We may change this privacy notice from time to time, when we do we will inform you via email.
HOW TO CONTACT US
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please send an email to email@example.com
LEGAL BASES FOR PROCESSING
In the section of this notice which sets out what data we collect and how we use it, we refer to different legal bases for processing. Further details on each of those are set out here.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract between us and you or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Consent means your affirmative, informed consent.
- • Keep track of the items stored in your shopping basket and take you through the checkout process
- • Recognise you whenever you visit this website
- • Obtain information about your preferences, online movements and use of the internet
- • Carry out research and statistical analysis to help improve our content, products and services and to help us better understand our visitor requirements and interests
- • Target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests, and
- • Make your online experience more efficient and enjoyable.
We work with third-party suppliers who may also set cookies on our website. These third-party suppliers are responsible for the cookies they set on our site. If you want further information please go to the website for the relevant third party. You will find additional information in the table below.
DESCRIPTION OF COOKIES
The table below is designed to provide more information about the cookies we use and why:
- • Name of the cookie(s) – _ga, _gat
- • Owner of the cookies – Google Analytics
HOW TO TURN OFF COOKIES
If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to: www.aboutcookies.org or www.allaboutcookies.org.
OUR CONTACT DETAILS
We welcome your feedback and questions. If you wish to contact us, please send an email to firstname.lastname@example.org.
Or write to us in person
54 Borner Strasse