Privacy & Security

PRIVACY POLICY
SOPHIE LIS LTD

PRIVACY POLICY

At Sophie Lis we are committed to maintaining the trust and confidence of visitors to our website. In particular, we want you to know that Sophie Lis is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. In this Privacy Policy, we’ve provided lots of detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure. This Privacy Policy has been prepared in accordance with the Data Protection Act (1998) and the General Data Protection Regulation (2018) (GDPR).

Who We Are
Sophie Lis Ltd is a company registered in England and Wales under Company No. 10464851 with our registered office at 2 Colville Square, London, W11 2BD.

Who We Collect Data From

  • Visitors to the Sophie Lis website 
  • Customers who make a purchase on our website 
  • People who subscribe to our newsletter and other marketing communications 
  • People who write to our Customer Services

The Types of Data We Collect
Sophie Lis may collect the following information (data) about you: 

  • Your name and gender; 
  • Your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and email address; 
  • Your purchases and orders made by you; 
  • Your communication and marketing preferences; 
  • Your location (IP address); 
  • Your correspondence and communications with Sophie Lis; and 
  • Other publicly available personal data including any that you have shared via a public platform (such as a Twitter feed or public Facebook page). 
  • Our website is not intended for children and we do not knowingly collect data relating to children.

How the Data Is Collected
Sophie Lis will collect the personal data you provide when you

  • Set up an on-line account on our website
  • Sign-up for our newsletter 
  • When you make a purchase on our website 
  • When you send an email to us


Consent

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no. 

How Do I Withdraw My Consent? 

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at info@sophielis.com


How The Data Is Used
As part of the registration process for our e-newsletter, we collect personal information. We use that information for a number of reasons: To tell you about things related to Sophie Lis such as news, events or promotions. To contact you if we need to obtain or provide additional information.
As part of the process of making an online purchase, we collect personal information. We use that information for a couple of reasons:

  • To ensure we have the correct information to fulfil the contract and effect delivery.
  • To contact you if we need to obtain or provide additional information.


Sharing Data with Third Parties

Our Service Providers And Suppliers
In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers.
Sophie Lis only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and
security controls.
These websites, and others linked to from this Policy, are owned and operated by a third party and they are responsible for processing personal data in accordance with their own privacy policies.

Mailing Lists

We use MailChimp, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time by clicking the unsubscribe link at the bottom of any of our emails.

Purchasing Data

When you make a purchase through our website your name, address, email, contact number and IP address will be stored as encrypted data on the server of our website hosting service provider.

Payment Transactions

No financial transaction data is collected by Sophie Lis. When you make a purchase through our website the transaction is completed via payment gateways of third-party service providers Worldpay and PayPal. These third party service providers have their own data security measures and we recommend that you read their privacy policies so you can understand the manner in which these providers will handle your personal information.

Google Analytics

When someone visits our site we use a third party service, Google Analytics, to collect standard Internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make any attempt to find out the identities of those visiting our website.

Website Cookies

We do not collect data via Cookies. You may have noticed when you visit the Sophie Lis website that there is no Cookies Consent pop-up. This is because our site does not have Cookies installed so we are not tracking your activity as a visitor. Without Cookies installed the Sophie Lis website cannot indirectly collect other personal data via your browsing or shopping activity.

Other Third Parties
Aside from our service providers, Sophie Lis will not disclose your personal data to any third party, except as set out below.

We may share your data with:

Governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so: -

To comply with our legal obligations;
To exercise our legal rights (for example in court cases);
For the prevention, detection, investigation of crime or prosecution of offenders; and
For the protection of our employees and customers
We will never sell, rent or trade our customer data to other organisations and businesses.

How Long Do We Keep Collected Data?

We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will hold any personal data is 6 years.


Our Controls

Sophie Lis is committed to keeping your personal data safe and secure to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. Our security measures include: -

Encryption of data; any information you provide us via our website is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.

We follow all PCI-DSS requirements. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard and American Express. PCI-DSS requirements help to ensure the secure handling of credit card information by our site and our payment service providers. 
Regular cyber security assessments of all service providers who may handle your personal data;

Scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;

Internal policies setting out our data security approach and training for employees

What You Can Do To Help Protect Your Data

Sophie Lis will never ask you to confirm any bank account or credit card details via email. If you receive an email claiming to be from Sophie Lis asking you to do so, please ignore it and do not respond.

If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.

In addition, we recommend that you take the following security measures to enhance your online safety both in relation to Sophie Lis and more generally: -

Keep your account passwords private. Remember, anybody who knows your password may access your account.

When creating a password, use at least 8 characters. A combination of letters and numbers is best. Do not use dictionary words, your name, email address, or other personal data that can be easily obtained. We also recommend that you frequently change your password. You can do this accessing your account, clicking ‘your account’, clicking ‘your data’ and selecting ‘change password’.

Avoid using the same password for multiple online accounts.

Your Rights

You have the following rights:

The right to ask what personal data that we hold about you at any time, subject to a fee specified by law (currently £10);
The right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
As set out above, the right to opt out of any marketing communications that we may send you.
If you wish to exercise any of the above rights, please contact us using the contact details set out below.

CONTACT INFORMATION

If you have any questions about how Sophie Lis uses your personal data that are not answered here, or if you want to exercise your rights and access, correct, amend or delete any personal information we have about you please contact us by any of the following means:

Email us at: info@sophielis.com

You have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at https://ico.org.uk.


Changes To This Privacy Policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

Updated

This Privacy Policy was last updated in May 2018.