Privacy Policy of Guashe Athleisure Ltd
Guashe Athleisure Ltd
27 Faucoonberg Court
Fauconberg Road
W4 3JQ
Contact us on: info@guashe.co.uk
1- Security and protection of your personal data when visiting our website
Guashe Athleisure (referred to hereafter as “Guashe Athleisure" or "we") takes the protection of your personal data very seriously and uses extreme care and the most advanced security standards to guarantee it.
We consider it our overriding responsibility to safeguard the confidentiality of the personal data provided by you and to protect them from unauthorised access.
2- Definitions
In order to ensure a transparent and easily understandable declaration regarding the processing of your personal data, we would like to inform you about the individual legal definitions used in this privacy policy:
- Personal data
"Personal data" means any information relating to an identified or identifiable natural person (hereafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Processing
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- Restriction of processing
"Restrictions on processing" means the marking of stored personal data with the aim of limiting their processing in the future.
- Profiling
"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.
- Pseudonymization
"Pseudonymization" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
- Filing system
"File system" means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
- Data controller
"Data controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- Processor
"Processor" means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
- Recipient
"Recipient" means a natural or legal person, public authority, agency, or another
body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
- Third party
"Third party" means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
- Consent
"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
3- Lawfulness of processing
Processing shall be lawful only if there is a legal basis for processing data. Pursuant to Article 6 paragraph 1 points (a) – (f) GDPR such legal basis for processing data can be in particular:
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
4- Collection of personal data during a visit to our website
In case of a merely informative use of the website, i.e. if you do not register, buy something, or disclose to us data in other ways, we collect only those personal data which your browser transmits to our server. If you visit our website, we collect the data below which are technically necessary for us to show you our website and ensure its stability and security (the legal basis for this is Art. 6 paragraph 1 clause 1 point (f) GDPR):
- IP address
- Date and time of your inquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (actual page)
- Access status/HTTP status code
- Transmitted data volume
- Website from which the request is received
- Browser
- Operating system and its interface
- Language and version of the browser software.
- Information about the collection of personal data – (email, contact form, customer account and online shop)
- In what follows we inform you about the collection of your personal data when you use our website (contact form, customer account and online shop)
If you contact us by email, the data disclosed by you to us (email address, if necessary your name and your telephone number) are stored by us to allow us to answer your questions. We erase the data collected in this context after storage is no longer necessary or if processing is restricted or of there exist legal retention obligations.
- If you buy products via our website or if you open a customer account for the administration of your current or future orders, we collect for this purpose the data that we need for the performance of the contract. These can be seen in the respective input fields for registration (customer account) or the purchase order form. When you place an order, we need as a minimum the obligatory data marked with a star (*). We use these data pursuant to Art. 6 paragraph 1 clause 1 point (b) GDPR for the performance of the contract and for handling your inquiries.
Our shop is hosted by Shopify Inc. Shopify offers us an e-commerce platform that allows us to sell our goods and services to you.
Your data are administered via data storage, a database and generally the Shopify app. Shopify stores your data on a secure server behind a firewall.
If you pay by credit card, Shopify stores your credit card data. These are encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). The data of your purchase will be stored only as necessary for the duration of your purchase. As soon as it is completed, your purchase data are erased. All direct payment portals are subject to the PCI-DSS standard and are administered by PCI Security Standard Council, a joint initiative by Visa, MasterCard, American Express and Discover. PCI-DSS conditions help to ensure secure payment transactions using your credit card information in our shop and at the service providers. More detailed information can be found in the terms of use (https:// www.shopify.com/legal/terms) or privacy policies (https://www.shopify.com/legal/privacy) of Shopify.
- Aside from payment by credit card, we offer also other payment methods for the use of our cybershop and for this purpose avail ourselves of various other payment service providers with whom we have signed third-party data processing agreements. We disclose different data to the various payment service providers depending on which payment method you have chosen.
6- Use of external tools on our website
We have integrated various tools from different companies with our website which allow us to analyze user behavior or establish links with other websites. For this purpose we work with the following service providers:
Google Analytics
The third-party data processor has integrated the component Google Analytics on this website (with anonymization function).
Google Analytics is a website analysis service. Website analysis refers to the collection, recording and analysis of data regarding the behaviour of visitors to the website. A website analysis service records e.g. data showing from which website a data subject has come to a website (so-called referrer), which subpages of the website were accessed or how often and how long a subpage was viewed. Website analysis is used mainly for the optimisation of a website and for a cost-benefit analysis of Internet adverting.
Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, is the operator of the Google Analytics component.
Google Analytics uses cookies. The information about your use of our website generated by the Google Analytics cookie is normally transmitted to a Google server in the USA and stored there. Google might disclose these personal data collected via the technical procedure to third parties.
However, when you by activate IP anonymization on our website, Google shortens your IP address within the Member States of the European Union or in other countries that are parties to the European Marketing Area Treaty. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. Google uses this information to analyze your use of the website in order to compile a report about your website activities and provide us with other services associated with your website and Internet use. The IP address of your browser transmitted by Google Analytics is not linked to any other Google data.
This website also uses the UserID functions of Analytics in order to be able to track interaction data. This User ID is also anonymised and encrypted and is not linked to other data.
You may prevent the storage of cookies by setting your browser software accordingly, but you might then not be able to fully use all functions of our website.
You may furthermore prevent the disclosure of the data generated by the cookie which refer to the use of the website (incl. your IP address) to Google as well as the processing of these data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
This browser add-on notifies Google Analytics via JavaScript that no data or information about website visitors may be transmitted to Google Analytics.
Besides, a cookie left behind by Google Analytics may be erased at any time via the Internet browser or other software programs.
Additional information and the applicable privacy policy of Google may be downloaded f r o m h t t p s : / / p o l i c i e s . g o o g l e . c o m / p r i v a c y ? h l = d e a n d f r o m h t t p s : / / marketingplatform.google.com/about/analytics/terms/de/ . Google Analytics is explained in more detail under this link: https://marketingplatform.google.com/about/.
Our website also uses Google Analytics performance reports by demographic factors and interests as well as reports about impressions in the Google Display Network. You may
deactivate Google Analytics for display advertising and set the displays in the Google Display Network by accessing the display settings. Google Tag Manager
This website uses Google Tag Manager. This service allows you to administer so-called website tags centrally via an interface. Google Tag Manager implements only tags. No cookies are used and no personal data are collected.
Google has a suitable privacy policy for such data collection by third-party providers. However Google Tag Manager does not access these data. If certain domains/websites or cookies were deactivated, it remains in place for all tracking tags provided that they are implemented using Google Tag Manager.
Facebook Tracking Pixel
With your consent we will use Facebook's "tracking pixel". With the help of this pixel the behaviour of users can be tracked once they are linked by click to a Facebook or Instagram ad on our website. This allows us to record the effectiveness of the Facebook and Instagram ads for statistical and market research purposes and to take optimisation measures if necessary. Users who clicked on a Facebook or Instagram ad on our website may be tracked for up to 180 days.
The data recorded in such a manner are anonymous for us, i.e. we do not see the personal data of the individual users. These data are however stored and processed by Facebook, which we will bring to your attention as we become aware of it.
Facebook may link these data with the Facebook account and use them also for its own advertising purposes according to its own data use guidelines. If you prefer to deactivate the cookie storage on behalf of Facebook, you may do so by adjusting your browser settings accordingly.
Facebook Communications Tools
We also use Facebook's Communications Tools, in particular the product "Custom Audiences" and "Website Custom Audiences". In principle this generates a non-reversible and non-personal checksum (hash value) of your user data which may be transmitted to Facebook for analysis and marketing purposes.
If you wish to object to the use of Facebook's Website Custom Audiences, you may do so under https://www.facebook.com/settings/?tab=ads.
In addition we use Customer Match Lists in the context of our Facebook advertising activities, e.g. for "Lookalike Audiences" and remarketing. For the use of Customer Match, lists with encrypted user data are uploaded to Facebook. After uploading the data, the system checks which data are already known and assigns the users to a list. After the preparation of the Customer Match List the encrypted customer data are again automatically erased. Facebook does not obtain any new addresses in this process (encryption).
7- Cookies:
Cookies and similar tracking technologies, such as tags, scripts and beacons, are small pieces of code (referred to as cookies hereafter) that are stored on a device (computer, mobile phone, tablet etc) and enable a website to "personalize" itself to users by remembering information about the user's visit to the website. We also use cookies within emails we may send.
Cookies are used to collect information, where available, about your device, your IP address, operating system and browser type and how you have interacted with our websites.
Why do we use them?
Our websites use cookies to:
Store any preferences you have made and display content to you in a more personalized way
Evaluate our websites' advertising and promotional effectiveness
Gain insight into the nature of our audience so we can tailor our content accordingly Provide interest-based advertising on our websites and on other websites which are tailored to your interests and preferences
Obtain information about how visitors interact with our content, and to help us improve the experience when visiting our websites.
We advertise on our site and in our newsletters to help keep the content free for our audiences.
We will always make sure our websites contain clear and easy to find information about our cookies, and you can find more information about the purposes for which we use cookies below.
What types of cookies do we use?
Session cookies - We only use these while you are visiting our website and they are deleted when you leave. They remember you as you move between pages, for example recording the items you add to an online shopping basket. They also help maintain security.
Persistent cookies - These cookies stay on your computer until they expire or are deleted. We set automatic deletion dates so that we don't keep your information for longer than we need to.
First and third-party cookies – Whether a cookie is ‘first’ or ‘third’ party refers to the website or domain placing the cookie. First party cookies in basic terms are cookies set by a website visited by the user - the website displayed in the URL window. Third party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company sets a cookie through that website this would be a third-party cookie.
The cookies we use can also be categorised by function:
Stricly Necessary Cookies
These cookies are necessary for our websites to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of our websites may not then work.
Performance Cookies
These cookies allow us to precisely count visits and traffic sources so we can measure and improve the performance of our websites. They help us to know which pages are the most and least popular and see how visitors move around the sites.
Functional Cookies
These cookies enable our websites to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Targeting Cookies
These cookies may be set through our websites by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. If you reject targeting cookies you will still see adverts on our websites, but they will not be tailored to your likely interests using information collected from cookies and similar technologies on your device.
Social Media Cookies
These cookies are set by a range of social media services that we have added to our websites to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Audience Measurement
We also place an audience measurement cookie on our websites when you access them. This audience measurement cookie is limited to audience measurement to enable us to operate our websites and is only used to produce aggregated statistical data. You can refuse this cookie for subsequent visits to our websites using the controls available through the "Show Purposes" button on the cookie management and consent pop-up displayed when you first navigate to our websites, or from the ‘Manage Preferences’ link on the footer of each page of our websites.
Browser-level cookie controls
Most browsers allow you to manage cookie settings. These settings can usually be found in the ‘Settings’, ‘Options’ or ‘Preferences’ menu of your browser. The links below are provided to help you find the settings for some common browsers.
Manage cookie settings in Chrome and Chrome Android and Chrome iOS Manage cookie settings in Firefox
Manage cookie settings in Internet Explorer Manage cookie settings in Microsoft Edge Manage cookie settings in Safari and Safari iOS
- Your privacy rights:
- Ability to withdraw your consent, Article 7 GDPR
Pursuant to Article 7 paragraph 3 GDPR you have the right to withdraw your consent to the processing of your data granted to us at any time for any reason. You may send your withdrawal notice in no particular format to the mailing address or email address shown at the beginning of this privacy policy. Withdrawal of the consent does not affect the legality of the data processed up to the withdrawal based on your consent (Article 7 paragraph 3 clause 2 GDPR).
(2) Right of access to information, Article 15 GDPR
Pursuant to Article 15 paragraph 1 GDPR you have the right to know whether we process your personal data. If we do, you have a right to additional information (Article 15 paragraph 2 GDPR).
- Right to rectification, erasure or restriction of processing, Article 16, 17 and 18 GDPR Under Article 16 GDPR you have the right to demand the immediate rectification of inaccurate personal data and the completion of incomplete data, including by means of a supplementary statement.
In particular, pursuant to Article 17 GDPR you have the right to demand the erasure of personal data concerning yourself if the processing of your personal data is not or no longer permitted.
- Right to object, Article 21 GDPR
Under Article 6 paragraph 1 (e) or (f) GDPR you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation; this applies also to any profiling based on these provisions. We will then no longer process your data unless we demonstrate compelling legitimate grounds for such processing which override your own interests, rights, and freedoms.
You may exercise the right to object at any time by contacting us via the contact options specified in the imprint.
(5) Right to lodge a complaint with a supervisory authority, Article 77 GDPR
Without prejudice of another administrative or judicial remedy, you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your
place of residence, your job or the place of the presumed violation if you believe that the processing of your respective personal data is unlawful. For our European customers: Your competent supervisory authority is that of your residence. A list of all supervisory authorities can be found under https://edpb.europa.eu/about-edpb/about-edpb/ members_en