At Amanda Harrington®, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data.
What Data We Collect
We collect data to operate effectively and provide you the best experiences with our products and services.
Account Data
We collect data you provide us such as:
- Name
- Email address
- Phone number
- Password
- Address
- Payment information
Order Data
We collect data regarding transactions made on our website or at physical stores including:
- Products purchased
- Time and date of purchase
- Payment method
- Shipping address
Correspondence Data
We collect data when you contact us regarding:
- Queries and requests
- Complaints or suggestions
- Product reviews
Social Media Data
We collect data when you interact with our social media accounts including:
- Likes, shares, and comments
- Photos and videos
- Direct messages
- Usernames
Survey Data
We collect data you provide in customer surveys and questionnaires.
Promotions Data
We collect data provided during participation in competitions, special offers, or other promotions.
Device/Usage Data
We collect data about your device and usage of our website including:
- IP address
- Browser type, version, and language
- Operating system
- Referral URLs
- Duration of visit
- Preferred page views
Cookies Data
We utilize cookie data per our Cookie Policy.
Sensitive Data
We do not collect any sensitive data such as data concerning health, race, religious beliefs, political views, sex life, or sexual orientation. Provide such data at your own discretion.
How We Use Your Data
We use your data to:
- Fulfill orders for products or services requested
- Respond to queries and handle requests
- Send promotional emails about special offers and updates
- Personalize user experience on our website
- Improve our services based on usage data and feedback
- Conduct analytics to inform business decisions
- Prevent fraud and enhance cybersecurity
Legal Basis for Processing Data
We collect and process your personal data per compliance with the General Data Protection Regulation (GDPR) on the following legal grounds:
Legitimate Interests
We may process your data when reasonably necessary to provide our services and grow our business.
Consent
We may process your data if you have given clear consent for us to do so for a specific purpose.
Contractual Obligations
We may process your data when necessary to fulfill a contract with you, such as processing orders or payments.
Legal Compliance
We may process your data to comply with legal obligations regarding regulatory reporting, law enforcement requests, litigation, or audits.
Data Retention
We retain your personal data for the minimum period necessary for purposes outlined in this Privacy Policy. We may retain data longer per legitimate business purposes like audits, fraud prevention, or litigation.
Data Protection
We implement appropriate technical and organizational safeguards to protect your data. Access is restricted to authorized personnel on a need-to-know basis.
Encryption
We use industry-standard encryption to protect data in transit and at rest.
Anonymization
We may anonymize your personal data to utilize for other purposes without identifying you.
Breach Response
We have dedicated procedures for responding to any data breach incidents swiftly and transparently.
Who We Share Your Data With
We only share your personal data with others for providing or improving our services, as outline in this Privacy Policy.
Service Providers
We share data with contracted service providers that help us operate our business, such as payment processing, delivery, marketing, analytics, customer support, and cybersecurity vendors.
Business Transfers
Your data may be transferred to an acquiring organization if we undergo a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding.
Legal Disclosure
We may disclose your data per a good faith belief it is reasonably necessary per:
- Law enforcement requests, litigation, or investigations
- National security interests
- Regulatory reporting and compliance
- Protecting rights, property, and safety of customers or the public from harm
Aggregate Information
We may share aggregate statistics about users with reputable third parties like academic institutions or authorities. No personal data is revealed.
Transfer of Data Outside the EU
We may transfer the personal data we collect outside the European Union (EU) to provide services and communicate with international customers. We implement safeguards such as Standard Contractual Clauses accepted by the European Commission to protect your data when transferred outside the EU.
Third-Party Links
Our website may contain links directing you to third-party websites over which we have no control. We are not responsible for and disclaim all liability regarding your privacy on such external sites per our Terms of Use.
Children’s Privacy
Our services are not directed to children under the age of 16. We do not knowingly collect personal data from children without parental consent. Contact us if you believe a child’s data has been improperly collected.
Your Data Rights and Choices
You have certain rights regarding your personal data as outlined below. Submit all requests regarding your data rights to [email protected]. We may take steps to verify identity before fulfilling requests.
Access
You may request details regarding the data we have about you and obtain copies.
Rectification
You may request correction of any incomplete or inaccurate data we have about you.
Erasure
You may request we delete certain data, subject to factors like legal exceptions or overriding legitimate interests.
Data Portability
You may get a machine-readable copy of certain data to transfer to another controller. This applies to data you have provided directly and processed via automated means with your consent.
Objection
You may object to processing data relying on legitimate interests as a legal basis. We will cease processing such data unless there are compelling legitimate grounds for processing that outweigh your interests and rights.
Restriction
You may request we restrict processing your data if:
- The accuracy of the data is contested
- Processing is unlawful but you object to erasure
- We no longer need the data but you require it for a legal claim
- You have objected to processing based on legitimate interests
We would then only process the restricted data per your consent, for legal claims, to protect rights of others, or for important public interests.
Withdrawal
You may withdraw consent granted for collecting and processing your data. This will not affect processing already conducted but may limit our ability to provide certain services requiring your data.
Complaints
If you wish to raise a complaint about how we have handled your personal data, please contact us. You also have the right to lodge complaints with your local data protection authority.
Changes to this Policy
We may occasionally update this Privacy Policy as necessary to reflect customer feedback, changes in our products or services, or changes in applicable laws or regulations. When revisions are made, the updated version will be posted with an updated revision date. We encourage you to regularly review the latest Privacy Policy to stay informed on how we are protecting your data.
This Privacy Policy was last updated on January 1, 2023.
Contact Us
If you have any questions regarding privacy practices at Amanda Harrington®, please contact us at:
Amanda Harrington®
Attn: Privacy Officer
95 Elm Grove
Portsmouth, England
Email: [email protected]