EU PRIVACY POLICY
PERSONAL DATA PROCESSED FOR THE PURPOSES OF PROVIDING RED PRODUCTS AND SERVICES
When you enter into a contract for the sale of Company products or services, Company collects and processes your personal data needed for transacting the sale, as per section 6.1 (b) of the General Data Protection Regulation ("GDPR").
The personal data processed by Company are your contact details, payment details and any information relating to the product/service sold. Such personal data are processed by Company only for specified, explicit and legitimate purposes as indicated above and for no other purpose whatsoever.
Personal data will be processed and stored by Company for the duration of the sales contract and thereafter, for the duration of any statute of limitation of any action legal right or action that may be lodged by any of the parties against the other. Any other processing of your personal data will be made only with your prior written consent.
Company will not provide any of your personal data to any third party without your prior written consent.
PERSONAL DATA PROCESSED FOR MARKETING PURPOSES
If you opt to receive information relating to other Company products/services, Company will collect certain personal data such as contact details and product preferences which are necessary for selecting and sending you relevant information.
Any collection and processing of personal data for marketing purposes will be performed by Company only with your prior written consent (section 6.1 (a) GDPR), even if you are already a customer of Company. Company may also profile your personal data for marketing purposes. You may withdraw your consent at any time by sending an email to privacy@m-experiment.com Any communication by Company using your personal data for marketing purposes will include an active http link to unsubscribe to such direct prospection. By clicking on the unsubscribe link, you will withdraw your consent and all your personal data will be erased from our marketing data base.
If you are already registered in our database to receive information from Company, Company may process your personal data "necessary for the purposes of the legitimate interests pursued by Company" (section 6.1 (f) GDPR). Company may also profile your personal data for marketing purposes. Any communication by Company using the personal data will include an active http link to unsubscribe to direct prospection. You may, at any time, exercise your right to object to the processing of your personal data for marketing purposes, including profiling (section 21 GDPR) by clicking on the unsubscribe link provided above. When clicking on such unsubscribe link, all your personal data will be erased from our marketing database.
RIGHT TO ACCESS YOUR PERSONAL DATA (SECTION 15 GDPR)
You have the right to access your personal data processed by Company (section 15 GDPR). The exercise of the right to access and receive a copy of your data is free if you exercise it under reasonable conditions. In addition to a complete copy of your personal data, Company will also provide you with the complete list of information provided for in section 13 of the GDPR. If your requests are manifestly unfounded or excessive, in particular because of their repetitive nature, Company may either refuse to answer you or charge you for the provision of this information.
You may exercise your right to access your personal data anytime by sending an email to privacy@company.com
RIGHT TO RECTIFICATION (SECTION 16 GDPR)
You can at any time ask Company to rectify, as soon as possible, your personal data if this data is inaccurate.
TRANSPARENCY REQUIREMENT
If Company does not take action when you exercise your right to object, access, or rectify, Company will inform you without delay and, at the latest, within one month of receipt of your request, of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
SECURITY
Company implements appropriate technical and organizational measures to ensure your personal data are adequately protected. In particular, our website’s bunker security system is armed with a sentry system to monitor activity and prevent any unauthorized disclosure of credit card numbers or other personal information. In addition, we utilize a licensed system for credit card authorization and fraud detection. We use industry standard SSL (Secure Sockets Layer) encryption to protect the confidentiality of your personal data stored in our information system.
Your personal data are stored and processed within the information system of Company, operated only by Company. In case Company decides to subcontract all or part of the processing/storage of your personal data, Company shall impose to its subcontractor security obligations at least as strict as those described in the present section. Any subcontractor of Company shall have no right to subcontract any right or duty agreed upon with Company, except with the prior written consent of Company.
NOTIFICATION OF PERSONAL DATA BREACH
"Personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed by Company.
In case of breach of your personal data, Company shall notify such data breach without delay to the relevant Supervisory Authority in the EU. In addition, when the personal data breach is likely to result in a high risk to the rights and freedoms of its EU Customers or prospects, Company shall inform you of the personal data breach without undue delay.
COMPANY EU GDPR REPRESENTATIVE (SECTION 27 GDPR)
Company's representative in the EU is:
Wagstaff Chartered Accountants / +44 (0) 1438 740 074
APPLICABLE LAW
This Privacy Policy shall be governed by the law of the country where we will deliver you the products/services you order from Company. Any litigation relating to the enforcement of such Privacy Policy shall be of the jurisdiction of the supervisory authority of the country where Company delivers you the product/service sold.
LIST OF COOKIES WE COLLECT
The table below lists the cookies we collect and what information they store.
|
FORM_KEY |
Stores randomly generated key used to prevent forged requests. |
|
PHPSESSID |
Your session ID on the server. |
|
GUEST-VIEW |
Allows guests to view and edit their orders. |
|
PERSISTENT_SHOPPING_CART |
A link to information about your cart and viewing history, if you have asked for this. |
|
STF |
Information on products you have emailed to friends. |
|
STORE |
The store view or language you have selected. |
|
USER_ALLOWED_SAVE_COOKIE |
Indicates whether a customer allowed to use cookies. |
|
MAGE-CACHE-SESSID |
Facilitates caching of content on the browser to make pages load faster. |
|
MAGE-CACHE-STORAGE |
Facilitates caching of content on the browser to make pages load faster. |
|
MAGE-CACHE-STORAGE-SECTION-INVALIDATION |
Facilitates caching of content on the browser to make pages load faster. |
|
MAGE-CACHE-TIMEOUT |
Facilitates caching of content on the browser to make pages load faster. |
|
SECTION-DATA-IDS |
Facilitates caching of content on the browser to make pages load faster. |
|
PRIVATE_CONTENT_VERSION |
Facilitates caching of content on the browser to make pages load faster. |
|
X-MAGENTO-VARY |
Facilitates caching of content on the server to make pages load faster. |
|
MAGE-TRANSLATION-FILE-VERSION |
Facilitates translation of content to other languages. |
|
MAGE-TRANSLATION-STORAGE |
Facilitates translation of content to other languages. |