May 25, 2018
Throughout this notice, the terms “we”, “us” and “our” refer to ENDER LEGARD Ltd.
For queries regarding this notice, we may be contacted via email (GDPR@enderlegard.com), telephone (+44 (0) 207 252 4666) or by post at Unit 1, The Workhouse, 90A Camberwell Road, London SE5 0EG, UNITED KINGDOM
You may use any of the above contact methods to inform us of any changes to your personal information (e.g. your email address, postal address etc) We may also from time to time contact you to ensure that any personal data we hold about you is accurate and up to date.
• The personal data we collect
• How we use your personal data
• Our legal basis for processing your personal data
• How we collect your personal data
• Marketing communications
• Disclosures of your personal data
• International transfers of your personal data
• Data security
• Data retention
• Your rights
• Questions and contact information
THE PERSONAL DATA WE COLLECT
When you browse or shop at enderlegard.com, we may collect and process the following data about you:
• Device Information - When you visit our Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We collect Device Information using the following technologies: “Cookies”, “Log files”, “Web beacons,” “tags,” and “pixels”. (See our Cookies Policy for more information)
• Order Information - When you make a purchase or attempt to make a purchase through our Site, we collect certain information from you, including your name, business name, billing address, shipping address, payment information (including credit card numbers as processed through our payment gateways STRIPE, PayPal, ApplePay, Klarna), email address, and telephone or mobile number.
• Additionally, we may also collect your marketing and communication preferences and any other data you directly provide to us whether through a contact form, over the telephone, by email or otherwise - for example when providing information regarding your measurements or photographs as part of your request or enquiry for help with garment sizing - and use this to send you sales and marketing communications that we believe may be of interest to you provided we have your explicit consent for this activity, or if you are an existing customer where we have a legitimate interest in communicating with you. Under the law, you can opt out of our sales and marketing communications at any time.
HOW WE USE YOUR PERSONAL DATA
We collect and process your personal data for the following purposes:
• We use the Order Information that we collect generally to fulfill, record and store any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to communicate with you; screen our orders for potential risk or fraud; and - when in line with the preferences you have shared with us - provide you with marketing information or advertising relating to our products or services.
• We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns). We may also use your data to deliver relevant website content and products to you through advertising/ retargeting campaigns.
OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Under General Data Protection Regulations (GDPR), we must have a valid reason for using your personal data. The lawful grounds of processing your personal data are as follows:
• Customer Data - When you choose to purchase a product from www.enderlegard.com, we ask you for personal data such as your name, billing address, delivery address, email, contact telephone numbers, purchase details and payment details. This data is necessary to allow us to fulfil our contract with you and is processed in order for us to supply and deliver the goods you have purchased and to keep all resultant records of the transaction. Lawful ground for processing: The performance of a contract between you and us (at your request) and our Legitimate Interest in keeping proper records of these transactions.
• Communication Data - Any communication that you send to us through our website, by email, social media messaging, social media posting or any other method when enquiring about our products. We process this data for the purposes of replying to your communication and to keep records of this. Lawful ground for processing: Our legitimate interests to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
• Technical Data - Includes data sourced from our analytics about your use of our website such as your IP address, login data, browser/ device details, length and frequency of visits, page views and navigation paths, date and time of visit and other technology on the devices you use to access our website. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Lawful ground for processing: Our legitimate interests to enable us to properly administer our website and marketing strategy.
• Marketing Data - Includes data you have provided to us about your marketing and communications preferences when you consented to us sending you details about our products, promotions or offers. This data is processed to deliver relevant website content and advertisements to you and to measure or understand the effectiveness of this advertising. Lawful ground for processing: Your consent and our legitimate interests in ensuring that you receive information about goods and services that may be of interest and relevance to you.
• Sensitive Data - We do not collect any Sensitive Data about you. Sensitive data is defined as data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, information about your health, genetics or biometric data. We also do not collect any information about criminal convictions and offences nor do we carry out any automated decision making or profiling.
Lawful Disclosure - We may process your personal data without your knowledge or consent where this is required or permitted by law.
HOW WE COLLECT YOUR PERSONAL DATA
Our lawful ground of processing your personal data in order to send you relevant marketing communications, is either your (opt-in) consent or our legitimate interests (namely the growth and welfare of our business)
Under the Privacy and Electronic Communications Regulations, you may receive marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications.
Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However, you still have a choice and can opt out of receiving marketing emails from us at any time.
We will not share your personal data with any third party for their own marketing purposes.
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message we have sent you or by emailing us at GDPR@enderlegard.com Note: If you opt-out of receiving marketing communications this opt-out does not apply to personal data previously provided as a result of other transactions including the previous purchase of goods from us.
DISCLOSURES OF YOUR PERSONAL DATA
In some instances, we may have to share your personal data with third parties that we use to provide our services. We require that these parties guarantee compliance with legislation on the processing of personal data and we will only permit such third parties to process your personal data for specified purposes and in accordance with our instructions. The third parties in question belong to the following categories:
• Internet providers and companies who specialise in IT and system administration services.
• Payment processors and fraud prevention agencies
• Professional advisors (accountants, banking operators, lawyers, insurers)
• Analysis tools providers
• Government bodies
• Social media organisations
• Customer Support tools providers
• Marketing and email providers
• Companies providing courier and distribution services
• Internal communication tools providers
Under some circumstances we may be required to share your data without your consent, for example if we are required by the police, the courts or for other legal reasons. We may also transfer your personal data to a buyer or potential buyer in the event that our assets - or part thereof - are acquired by another organisation. In this case, the purchaser will be required by law to use your personal data only as described in the General Data Protection Regulations 2016.
INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA
In some circumstances your personal data may be transferred to countries outside the European Economic Area (EEA). In these instances, we will endeavour to ensure that an adequate level of data protection is in place to provide a similar degree of security to your data as provided under the provisions of the General Data Protection Regulations 2016.
• We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
• Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
• If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them as they have equivalent safeguards in place.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
To protect your personal data, we take all reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed without authorisation. We only permit access to your personal data to those employees and partners who have a legitimate business need to know such data and will ensure that they process your personal data confidentially and on our instructions only. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. Notwithstanding, we have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. After this period, your data will be permanently erased or in some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
• When you have purchased goods from us, we will retain the billing data until the end of the relevant accounting period, normally seven years from the billing date;
• When you make a payment, we will retain your payment details up to the certification of the payment and the completion of the relevant administrative-accounting formalities regarding your right of withdrawal and the terms applied for the disputing of the payment;
• When you give us your consent to send you marketing communications, you can withdraw your consent at any time. We will consider your consent to be current for 2 years from your last interaction with any email that we send you;
• When we use your personal data and browsing history to analyse your behaviour in order to customise the website and to show you personalised sales offers, we will keep the data for analytical purposes until you ask us to delete it;
• When we use personal data for market research and satisfaction surveys, we will keep the data until you ask us to stop.
• When you contact our Customer Care team, we will keep any additional personal data you provide that is specific to your inquiry for as long as you remain an active customer of www.enderlegard.com
Under data protection laws you have rights in relation to your personal data. These may include:
• The right to access to your personal data;
• The right to rectification of your personal data;
• The right to object to and restriction our processing of your personal data;
• The right to be forgotten; erasure of your data;
• The right to data portability;
• The right (where lawful ground of processing is consent), to withdraw consent.
You may read more about your rights in the EU general data protection regulation Chapter III, at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en or at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
To exercise your rights or if you otherwise have any questions regarding our processing of your personal data, you may contact us at GDPR@enderlegard.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
Note: We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month but it may on occasion take longer if your request is complex or you have made a number of requests. In this case, we will notify you.
If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk)
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact GDPR@enderlegard.com
DELIVERY TIMES // COSTS - We ship all orders from London, UK with Royal Mail, FEDEX or UPS using a fully trackable service needing a signature upon delivery. Delivery times are estimates and usually start 24 hours after your order has been placed to allow for order packing (we do everything by hand!)
£4.95 - Standard Shipping (3-5 business days)
£7.30 - Express Shipping (1-3 business days)
EUROPE (AT, BE, DK, FR, DE, IE, IT, NL, PL, PT, ES)
€12 (GBP 10.80) - Standard Shipping (7-10 business days)
€22 (GBP 19.45) - Express Shipping (2-3 business days)
€17 (£15) - Standard Shipping (7-10 business days)
from €28 (£25) - Express Shipping (4-6 business days)
USA (& CANADA
$22 (£17.90) - Standard Shipping (7-10 business days)
$24 (£19.80) - Express Shipping (2-3 business days)
AUSTRALIA (& NEW ZEALAND
AUD27 (£14.95) - Standard Shipping (7-10 business days)
AUD36 (£24.45) - Express Shipping (4-6 business days)
SOUTH & CENTRAL AMERICA
$26 (£20) - Standard Shipping (9-14 business days)
MIDDLE EAST // ASIA
$33 (£25) - Standard Shipping (7-10 business days)
$39 (£29) - Express Shipping (4-6 business days)
$39 (£30) - Standard Shipping (7-10 business days)
DUTIES, TAXES and CUSTOMS CLEARANCE CHARGES
Non EU countries may levy import duties if your order value goes over a certain threshold. For US customers this threshold is $800 and for Australian customers it is AUD 1,000. These charges are unfortunately not under our control. If you have been charged import duties and then want to return your item to us for a refund, you'll be able to reclaim these charges. Your Customs and Border Protection agency can offer guidance.
All items are shipped insured and tracked and will need a signature upon delivery at which point responsibility for your purchased goods passes to you. If you have specified a recipient other than yourself for delivery purposes (e.g. as a gift or if you are out) then you accept that evidence of a signature by them (or at the specified delivery address) is evidence of delivery and fulfilment by ENDER LEGARD Ltd and transfer of responsibility in the same way.
If you have additional questions about our delivery policy, call us on +44 (0) 7252 4666 Mon-Fri from 10am - 6pm GMT, or if you prefer email us at firstname.lastname@example.org
Need Help or Advice? Our stylists are available on LiveChat, by email, on Messenger or by telephone (+44 207 2524666) Monday to Friday from 10am - 6pm (GMT)