Your Privacy Is Important To Us
At Damsel in a Dress we take your privacy very seriously and are committed to protecting the privacy and security of our customers. We fully appreciate and respect the importance of data protection and security on the Internet.
- what information we collect when you use the Damsel in a Dress website (the “Site”), when you communicate with us, or when you visit one of our stores
- how we use your information
- how we share your information
- how long we keep your information and how it is stored
- our approach to sensitive personal information
- what options you have to control your information
- the rights you may have in relation to your personal information
- how we communicate changes to this Policy
Please contact our Customer Services team if you would like to discuss this with us or have any questions, comments or suggestions relating to this Policy.
This Site is run by Phase Eight (Fashion & Designs) Limited (“Phase Eight”). For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”) (as amended or superseded) Phase Eight is the “controller” of the personal information collected through the Site, by phone or in any Phase Eight store.
How do we collect information from you?
1. Information we collect when you visit our Site
We will collect personal information that you provide to us when you:
- create an account on our Site;
- place an order through our Site;
- fill in forms on our Site, for example to leave feedback, enter a competition or respond to a survey;
- subscribe to our mailing list.
We will also collect certain information automatically when you visit our Site, in particular:
- we record details of the resources that you access to visit our Site (for example, URL addresses, traffic data etc.);
- we record information about the type of device you have used to visit our Site, your device settings, and the cause of any system errors. Your device manufacturer or operating system provider will have further details on what information your device makes available.
2. Information we collect in our stores
We will collect personal information that you provide to us in our stores when you:
- ask us to provide you with a digital receipt;
- subscribe to our mailing list;
- enter a competition or respond to a survey.
3. Information we collect when you contact us
We will collect personal information about you when you contact us by telephone, e-mail, or via social media.
4. Information we collect if you apply for a job with us
You may be able to apply for a job with us through our Site, in-store or through third party websites such as LinkedIn. The personal information we collect about you may include your name, contact details, employment history, and any information set out in your CV.
How we use your information
We will use your information in the following ways:
1. For the performance of a contract between you and us:
- to provide you with an account on our Site, if you choose to sign up for one;
- to fulfil any order that you place with us;
- to collect payment from you;
- to provide you with a receipt, if you ask us to send this to you electronically;
- to protect and defend our legal rights and interests.
2. Where we have a legitimate interest in using your personal information:
- to administer and monitor our Site, including to ensure that content is presented in the most effective manner for you and for your device, and to allow you to participate in interactive features when you choose to;
- to analyse any feedback that you provide on our services, and to improve our services;
- to administer competitions that you have entered;
- to review and assess any job application that you submit to us.
4. If you have consented to receive marketing information from us, we may use your information in the following ways:
- we will process details of your previous transactions and contact you by e-mail with information about goods and services similar to merchandise you have purchased (however we never store your payment details);
- if you have consented to us doing so, we will share your information internally within the TFG Brands (London) group in order to send you tailored offers or other information we believe will be of interest;
- if you provide your mobile telephone number in our preferences centre and if you have consented for us to do so, we may contact you with marketing messages which have been tailored to match your preferences.
You have the option to unsubscribe from our e-mails through a link at the bottom of every e-mail we send to you. You have the option to unsubscribe from our text messages by following the instructions in the text message or contacting the Customer Services team.
If you want to change the details that you have registered with us, or would like to amend your subscription preferences or unsubscribe altogether, this can be changed in the “My Account” section of our Site or by contacting our Customer Services team.
How we share your information
- We share your information with our core service providers and third party platforms as required for our business to function; for example, picking, packaging and processing orders, fulfilling deliveries, customer support, fraud detection, credit risk reduction checks, IT systems support, and internal audits.
- If you choose to provide feedback on your transaction, we will share your information with Feefo, a third party feedback site who will capture your feedback on transactions which we use to enhance our customer service.
- Your information may be processed by a third party in order to maintain the functionality of our Site and database.
- In the event that you add items to your basket but do not complete a transaction, Salescycle will automatically send you an e-mail to remind you that there are items in your basket.
- Whilst you are a member of our mailing list we may share your information with trusted non-core service providers, such as marketing partners we have carefully selected to deliver incentives to participate in offers, polls, surveys, analysis or research, all of which assist us in enhancing our services. They are not permitted to use your information after you unsubscribe.
We also use services offered by Google, Facebook, Instagram and other similar social media platforms to better tailor our marketing communications and for targeted advertising. As part of this process, some personal information, such as your e-mail address, is provided to the relevant third party, however for security purposes this data is “hashed” prior to being shared. Hashing is a process of identity masking or “pseudonymisation” which means we do not disclose your e-mail but still enables linking between your social media presence and our Site. Your personal information will be transmitted to countries outside of the EEA, including the United States. If you would like more information about how your personal information may be transmitted, and the safeguards applied, please contact firstname.lastname@example.org. You may have the right to object to your personal information being used in this way (see “Rights you may have” below).
We receive insights from Facebook about the effectiveness of our advertising campaigns which you experience on our Site and social channels, helps to better target our advertising.
Every external company we work with has a contract with us which clearly sets out our expectations and requirements in handling personal information and obligates them to meet these standards and those contained in the GDPR.
How long we keep your information
We retain the information you provide for the following periods:
- for as long as you subscribe to receive marketing information;
- for as long as your account is being used and for a period of three years after the date you cease to use your account, after which period we will anonymise the personal information on file by deleting the personal information and allocating a personally unidentifiable unique reference ID and store the remaining information for a period of five years (“Data Retention Period”). After this time it will be permanently deleted from all systems and back-ups. If you wish to set up an account after this period this will be treated as a new account and your transaction history will not be available;
- in the case of any contact you may have with our Customer Care team for as long as is necessary to provide support-related reports and trend analysis.
Our Data Retention Period has been determined to cover credit risk, fraud detection and customer service periods, as well as to cover regulatory requirements, and the resolution of disputes or fraud prevention.
How we store your information
Your information may be processed by our staff or by the staff of our suppliers to the extent necessary to fulfil your order. By submitting your personal information to us, you agree to the transfer of your personal information, its storage and processing.
We will keep the data which we collect from you on a secure server. Any information you give us relating to credit card details is handled by a PCI DSS compliant third party and encrypted using secure server technology. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access and require our suppliers to do the same.
Where we have given you a password (or where you have chosen one) to access certain parts of this Site, you are responsible for keeping this password confidential. We ask that you do not share a password with anyone.
Sensitive personal information
We do not seek to collect sensitive personal information (i.e. information relating to race or ethnic origin, political opinions, religious or other beliefs, trade union membership, physical or mental health, sexual orientation or criminal records). We ask that you do not provide such information to us.
Rights you may have
You may have certain rights in relation to personal information that we hold about you. These include the right to request access to your personal information, to request that it is erased, that its processing is restricted, or that any inaccurate personal information is rectified. You may also have the right to object to the processing of your personal information, or in some circumstances to obtain a copy of the personal information in a machine readable format. You also have the right to complain about the use of your personal information to the Information Commissioner’s Office.
Please contact our privacy officer at email@example.com if you would like to make a request.
Changes to this Policy
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Policy, and if the changes are significant, we may provide you with additional notice such as adding a statement to the homepage of the Site or sending you an e-mail with the update.
Please check this Policy regularly to stay informed about our information practices and the ways you can help protect your privacy.
If you have any questions about the Policy and practices of this Site you can contact us at firstname.lastname@example.org.