PRIVACY POLICY
What personal information do we collect from you and why?
At Folli Follie, we take your privacy and trust very seriously. This privacy and cookies policy ("Privacy Policy") is intended to outline how any personal data collected from you via www.follifollie.com (the "Website") or in one of our stores, will be protected, used, stored and processed by us to communicate with you and to deliver you excellent service whilst being compliant with the applicable data protection law (Regulation (EU) 2016/679 – hereinafter referred to as “GDPR”).
This Privacy Policy does not apply to websites that you may be able to access via links on the Website and/or activities offered by third parties. Please ensure you review any relevant policies on any third party websites before proceeding. Folli Follie is not responsible for the collection or use of your personal information from these third party websites.
We collect and process the following types of information about you:
1. Information we collect about you:
• when you sign up to our newsletter
• when you enter competitions and prize draws;
• when you register with the Website, by phone or by email, or provide personal information which you complete, or which we complete at your request in-store via a store card;
• when you place an order on our Website;
• if you ask us to receive personalised online content such as targeted advertising;
• if you contact or correspond with us (for example, by phone, email or otherwise) to find out more about a product or our after sale care and support services, to report a problem with the Website or a product or for any other reason.
With your consent, we process the following personal data which you provide when you interact with the Website and use the related services and functions. The data may include your first and surname, title, gender, birthdate (day, month & year), email address, phone number, address, financial information (such as credit or debit card details), as well as shipping address, billing address, and any other information that you consider necessary to provide us with.
The information collected from you via our Website will be matched with personal information you may have given us in our stores. This is to help us ensure that the data we hold about you is kept accurate and up to date.
In any event, even without your prior consent, we may process your data to comply with legal obligations stemming from laws, regulations and EU Law, to exercise rights in legal proceedings, to pursue our own legitimate interests and in all cases provided by Articles 6 and 9 of the GDPR, where applicable. Processing shall take place both using computers and on paper, and shall always entail the implementation of the security measures provided by current law.
2. Information that other Folli Follie members collect about you:
This is information we receive about you when you make a purchase in one of our stores or concession stores if you have completed a store personal information card. These stores will also provide us with a record of your transaction.
3. Information we receive from other sources about you:
We work closely with third parties, for example, business partners, sub-contractors for technical, payment and delivery services, advertising networks, analytics providers and search information providers. If we receive information about you from them, we will always seek assurances that they are providing information to us in accordance with data protection laws and that they are transparent with you that they may share your data with us. We may use this information to update our records about you to keep them accurate.
Why do we use your data?
We may use and share non-personal data we receive or collect from you without restrictions.
Folli Follie may use the above personal data held about you for the following purposes (purposes for which we need your consent are marked *):
• to carry out obligations arising from any contracts entered between you and us and to provide you with information, products and services that you request from us, i.e. to process and complete your orders and to process your payments;
• to remind you of products you have placed in your basket on the Website, but have not purchased*;
• to tailor our Website content to your needs and preferences*;
• to prevent, detect, and investigate fraud, security breaches, violations of law, and other misuse of the Website, and to enforce our General Terms and Conditions, which you can find here; • to address any enquiries, correspondence, concerns or complaints you have raised;
• for our internal operations, including data analysis, testing, research, statistical purposes and troubleshooting;
• to provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about. We will only contact you by email with such information if you have consented to this. More information about this is set out below under the heading “legal basis for processing”*;
• to deliver relevant advertising to you, for example, newsletters*; and
• to make suggestions and recommendations to you about other products or services that may be of interest to you*. • to carry out automated decision-making and profiling for the purpose of identifying wha information or advertising you might like to see from use, for example, by creating individual or group profiles.*
Your data may in any case be processed, even without your consent, for the purpose of complying with laws, regulations, EU Law (art 6.1.(c) of the GDPR, to perform statistics on the Website’s usage and ensure its proper functioning (art. 6.1.(f) of the Regulation), to enforce the Code of Conduct of the FF Group and to establish or defend the legal claims in the interest of the Company.
What is the legal basis for processing your data?
For some of the uses of your personal data (as described above) there is a legal basis under applicable data protection laws for us to use such personal data without your consent (these uses are not marked with *).
This includes, for example, where it is necessary for us to use the information in order to perform a contract with you or take steps at your request prior to entering into a contract with you, such as to process your order, provide aftercare and support services to you or manage the online account facility that we provide to you. It also includes circumstances (such as we have described below) where we have a legitimate interest to use your data, provided that proper care is taken in relation to your rights and interests:
• to ensure that we organise our database efficiently and understand how our clients may make purchases in different parts of the world;
• to send you marketing communications. You can opt out of our marketing communications at any time through the unsubscribe button at the bottom of every email or by contacting us on dataprotectionreport@ffgroup.gr.
•To present you with personalised offers on our website, through social media channels such as Facebook and Instagram and by placing banner advertisements on third party websites
• to carry out research and analysis of your data (including purchase information) as this helps us understand our clients better, who they are and how they interact with Folli Follie;
• to improve and ensure the security of the Website (for example, for statistical, testing and analytical purposes, troubleshooting); and
• to ensure that you know about any changes to the Website or the terms of this Privacy Policy.
Where we have a legal basis to use your information without consent (as we’ve described above), this Privacy Policy fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.
Where consent is required for our use of your personal information, by ticking the appropriate consent box or otherwise communicating your consent (for example, by email, providing non mandatory information, verbally in-store or on a store card), you consent to our use of that personal information for the purposes covered by the specific consent that you have given. For example, we will only process your personal information for marketing purposes if we have your consent to do so.
Marketing newsletter and keeping in touch with you
We will, if you have given us your consent, provide you with information about products, services, events, sales and marketing from Folli Follie (including personalised online content and advertising, social media platforms or our online partners).
1. Our Mailing List We will ask whether you would like us to send you marketing messages when you tick the relevant boxes when you check out, sign up for newsletters or updates, or if you register with us via the Website, by phone, by email or the store personal information card. With your consent, we will use your email address as a convenient way to contact you about your order or any reminder service you have. From time to time, we may update you on relevant Folli Follie site or new gift news, but only with your permission.
2. Can I be removed from your mailing list? We will send you special offers and promotions by email. If you do not want to receive offers and promotions by email, simply click on the unsubscribe link in any email. You can unsubscribe at any time.
3. Will you pass my data on to third parties? We will never pass on your email address to a third party for marketing purposes (except if they are contacting you on behalf of Folli Follie). We respect your privacy and are committed to protecting it.
How We Protect and Retain Your Personal Data
Your privacy as an individual and as a customer is important to us, so we don't use the information you provide on this site to learn any more about you other than what is required to fulfil your orders or offer you services such as new alerts or reminder services. Any personal data gathered by us in your use of this site will be recorded electronically and only used in accordance with the UK Data Protection Act 1998.
Regarding any transfer of Data outside the EU, including in countries whose laws do not guarantee the same level of protection to personal data privacy as that afforded by EU Law, the Controller informs that the transfer shall in any event take place in accordance with the methods permitted by the GDPR
• How do we protect the information we hold about you on your internal systems?We protect your privacy in several ways: The personal data is entered into the our computer system in full compliance with data protection law, including security and confidentiality profiles and based on principles of correct practice, lawfulness and transparency in processing. Access to customer account information is limited to those who need access for the performance of their job. We use full login and password controls on our system. All calls are recorded and monitored for training and security purposes. Confidentiality and database access controls are reviewed periodically and updated as required to further protect our personal data.
• Persons who have access to the Data Data is accessible by Folli Follie staff authorised to process personal data. In particular, staff belonging to the following categories: IT and administrative staff, customer services, marketing as well as other individuals who need to process the data to perform their job duties.
Who will we share your personal data with?
Your data may be stored in a database that we, as well as other members of the FF Group, can access. We do this to help us organise our databases efficiently and understand how our clients may make purchases in different parts of the world.
We may also share your data with the following categories of selected third parties in accordance with this Privacy Policy:
• service providers (for example, IT services), business partners, suppliers and sub-contractors for the performance of any contract we enter into with you (such as, but not limited to, Website operations, payment services, shipments, delivery couriers, fraud investigations, bill collection, and affiliate and rewards programs);
• analytics and search engine providers that assist us in the improvement and optimisation of the Website;
• law enforcement or regulatory agencies, or authorised third parties, in response to a verified request relating to a criminal investigation or alleged illegal activity or any other activity through the Website that may expose us and/or the user or any third party to legal risks or liability; and
• other business entities, should we plan to merge with or be acquired by that business entity. Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your data.
These third parties who may receive your data will process that data for the purposes specified above and in accordance with applicable law. Folli Follie will retain a list of the third parties with whom data is shared, which will be available upon request.
Why do we retain your data and how can you access it?
We will store your data for as long as strictly necessary for us to provide the relevant services to you, for as long as you wish to keep in touch with us or as long as is necessary to provide support-related reporting & analysis. Even if you request to erase your data, we may keep it in a form that doesn’t identify you. If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you. If you have not agreed that we may use your data for marketing purposes, we will keep your data for 6 years after you have made a purchase from us.
What are your rights?
You have the following rights with regard to your personal information:
• Access. You have the right to access data we hold about you as well as an updated list of the individuals who can access your data. We will need you to prove your identity before we release any personal data to you.
• Rectification or erasure. You have the right to request that we rectify or delete any personal data that we hold about you (unless we have the legal right or obligation to retain it).
• Restriction. You have the right to restrict your use of personal information if the data is inaccurate, our use of the information is unlawful or if we no longer need to use the data for the purposes for which we hold it.
• Change of preferences. You can change your data processing preferences at any time. For example, if you have given your consent to direct marketing, but have changed your mind, you can opt out of receiving marketing communications by contacting us using the details provided below or clicking the “unsubscribe” link in any communication you receive.
• Automated decision making. If you have any questions in respect of our automated decision-making processes or the accuracy of them, please let us know, or to change your preferences, please see above.
• Data portability. You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us and (b) if we are processing that data on the basis of your consent (such as your marketing preference information) or to perform a contract with you (such as to manage your online account).
• Complaints. If for any reason you are not happy with the way that we have handled your personal data, please contact us. If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office.
To exercise any of the rights mentioned above, please write to us at Folli Follie, 23klm Athinwn-Lamias National Highway, Agios Stefanos, 14565 Greece or send an email to dataprotectionreport@ffgroup.gr.
If you ask us to stop processing your personal information in a certain way or erase your personal information, and this type of processing or information is needed to facilitate your use of the Website or is required to enable us to provide you with a service (such as to manage your online account), you may not be able to use the Website or the service as you did before.
This does not include your right to object to direct marketing which can be exercised at any time without restriction. Please allow at least 3 working days for your request to be actioned.
The rights mentioned above do not extend to non-personal data
What are cookies and why do we use them?
There are two types of cookie that may be used during your visit on our website:
- Technical cookies: these are necessary for the website to function correctly and to permit browsing by the user; without these, a user may not be able to view the pages correctly or to use certain features.
- Profiling cookies: these are used for creating user profiles to send advertising messages in line with preferences shown by the user during browsing.
Cookies, whether “technical” or “profiling”, can also be classified as:
• Site Functionality Cookies: These cookies are used to identify users between page loads and are essential in enabling you to browse the website, such as remembering certain user settings. Without them, certain services provided (such as use of the shopping bag) on the website could not be provided.
• Analytics Cookies: These cookies are used to measure and analysis how the visitors use the website (for example site traffic, total sales through the Website, the pages visitors go to most often and pages from which the visitors get error messages) in order to continuously improve the Website and the customer shopping experience. All information collected by these cookies is anonymous and are not used to identify you.
• Customer Preference Cookies: Functionality cookies remember your preferences and behaviour and help us to personalise your shopping. So, if the last time you visited, you decided that you wanted to shop the UK site in English and see prices in £s, that's what we'll show you.
• Targeting & Advertising Cookies: These cookies may be used in order for us to deliver personalised advertisements that are more relevant to you. They also limit the number of times that you see one of our advertisements online and help us measure the effectiveness of our marketing campaigns.
• Third Party Cookies: Folli Follie partners with third party companies for marketing and advertising purposes. These cookies allow us to make more informed decisions about what our customers want from us. Third party companies may employ a mixture of both session and persistent cookies. Any information that they collect is anonymous.
• Deleting or Controlling Cookies: If you prefer, set up your internet browser to not accept cookies. You should still be able to use our site without having cookies enabled. However, it must be noted that disabling cookies could impair your ability to use the Website and/or prevent you from benefitting in full from the available functions and services. Further information about controlling or deleting cookies visit www.allaboutcookies.org.
reCAPTHCA
We use the reCAPTCHA service provided by Google Inc. (Google) to protect your submissions via internet submission forms on this site. This plugin checks if you are a person in order to prevent certain website functions from being (ab)used by spam bots (particularly comments). This plugin query includes the sending of the IP address and possibly other data required by Google for the Google reCAPTCHA service. For this purpose your input will be communicated to and used by Google. However, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area and is, as such, anonymized. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address provided by reCaptcha from your browser shall not be merged with any other data from Google. This data collection is subject to the data protection regulations of Google (Google Inc.). For more information about Google's privacy policy, please visit: https://www.google.com/intl/en/policies/privacy/ By using the reCAPTCHA service, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
How can we make changes to this policy
We will notify you of changes to this Privacy Policy by posting the amended terms on the Website.
If you do not agree to the new terms of this Privacy Policy, you should stop using the Website, and if you are a registered user, you may cancel your account with us within the thirty (30) day period by contacting us at dataprotectionreport@ffgroup.gr. Your account will be closed and you will not be bound by the new terms. You may also ask us to delete your information (as mentioned above).
Otherwise, continued use of the Website after the effective date of changes constitutes acceptance of the new terms of this Privacy Policy.
Contact Us
We are always happy to hear from our customers. If you have any questions regarding our privacy policy, would like us to stop using your information, would like to exercise your rights as stated above or have a complaint, then please get in touch.
You can contact our privacy team by email at dataprotectionreport@ffgroup.gr or via our Customer Care team at eshop@follifollie.gr or by phone at +30 210 6241140 Or, you can write to us at:
FFGROUP
23rd klm ATHENS-LAMIA HIGHWAY
AGIOS STEFANOS,
GREECE,
14565.