We’ll always keep your data safe and secure. So you’re clued up, here’s why we need it and how we use it.
Sharing your information
We will not sell, distribute or lease any of your personal information to third parties unless we have your permission or are required by law to do so. This includes including your name, address, email address or credit card information.
However, we share your data with the following categories of companies as an essential part of being able to provide our services to you, as set out in this statement:
- Companies that do things to get your purchases to you, such as payment service providers and delivery companies
- Credit reference agencies, law enforcement, and fraud prevention agencies, to help us tackle fraud
- Professional service providers such as website hosts
How do we use your data?
In providing your personal data you consent to Luisa Emma using the data collected in order to meet our commitments to you and to provide you with the service you expect. We need your personal data for the following purposes:
- To create your personal account at www.luisaemma.at (e.g. your name and email address)
- To process your orders (e.g. your name, address, date of birth and bank details)
- To be able to send text message notifications of delivery status (e.g. your mobile phone number)
- To be able to send you marketing offers such as newsletters and our catalogues (e.g. your email address, your name, and your postal address)
- To be able to contact you in the event of any problem with the delivery of your items (e.g. telephone number, address)
- To enable us to answer your queries and to inform you of new or changed services (e.g. your email address)
- To notify the winners in promotions (e.g. your email address, name, home address, and telephone number)
- Managing your account by carrying out credit checks (e.g. name, address, date of birth)
- To be able to analyze your personal data to provide you with relevant marketing offers and information (e.g. name, buying habits)
- To be able to validate that you are of legal age for shopping online (e.g. date of birth)
We will only keep your data for as long as necessary to carry out our services to you or as long as we are required by law. After this, your personal data will be deleted. We cannot remove your data when there is a legal storage requirement, such as bookkeeping rules or when there is a legal ground to keep the data, such as an on-going contractual relationship.
Non-personal data is used as described above and in other ways, as permitted by applicable laws, including combining non-personal data with personal data.
Luisa Emma follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services‘ analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users‘ movement on the website, and gathering demographic information.
How long we keep your information and why?
We will only keep your personal information for a limited period of time. This period will depend on a number of reasons, such whether we still need to deliver to you, or you have an account with us, or we are providing ongoing customer care to you. Sometimes we must also keep your information by law, to deal with a regulator or where required by our insurers. We delete your personal information at your request where possible and we won’t keep it for longer than we should or need to for the provision of a service and for communicating with you.
If you have given us permission, we’ll send you marketing messages by email, to keep you aware of new products and special offers.
Your individual rights
We endeavor to process all personal information in line with your rights under GDPR. In particular, You have the rights to:-
- Withdraw your consent to Our processing your personal information at any time. You can do this at any time by changing your “Preferences” when you log in to your account or by contacting us at email@example.com. In certain circumstances, We can process your personal information without your consent in line with the lawful processing requirements in GDPR. These include (amongst other reasons) where processing is necessary to comply with a legal obligation, or to protect your vital interests
- Ask us to rectify inaccurate or incomplete personal Information. We would seek to rectify the data as soon as possible and usually within one month unless the request is complex
- Ask us to erase your personal Information. This is commonly referred to as the right to be forgotten. This right is only applicable where there is no compelling reason for the continued processing of your personal Information. There are some circumstances where this right to erasure does not apply and in such cases We would notify You of the reason(s) why We need to retain your personal Information (unless prevented to do so by law)
- Restrict processing of your personal Information where, for example, the data is inaccurate, being processed unlawfully or where the data is no longer relevant to the specific purpose for processing. In such cases, We would retain the data but We would not process it further without your consent, or if processing your Information is for establishing, exercising or defending a legal claim, or for the protection of rights of other individuals, or for public interest reasons. In such circumstances, We would let You know that We intend to lift the restriction on processing your personal Information
- Request access to your personal Information via a subject access request. your request should be made to us in writing and We may ask you for proof of your identity before providing You with the data. There is usually no fee for making such a request however, in limited circumstances, We can charge an administrative fee (which will be based on the administrative cost of providing the information)
- You have the right to ask us not to process your personal Information for marketing purposes (including profiling). We will usually inform You (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms We use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
- Obtain and reuse your personal Information for your own purposes across different services (right to data portability). This right is only applicable to data that You have provided to us, where We are processing the data based on your consent or for the performance of a contract and when the processing is carried out by automated means. Where this right applies, the data will be provided to You in a structured, commonly used and machine-readable format
Please be aware that we will need to verify your identity before providing any personal information to you. We do this to protect your information. We may also ask you to provide us some additional voluntary information to help us process your request more efficiently.
Luisa Emma undertakes to ensure the protection and security of Personal Data that You choose to communicate, in order to ensure the confidentiality of Your Personal Data and prevent Your Personal Data from being distorted, damaged, destroyed or disclosed to unauthorized parties.
Luisa Emma maintains reasonable physical, electronic, and procedural safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. However, while Luisa Emma strives to protect Your Personal Data, considering the inevitable risks of data transmission over the internet, Luisa Emma cannot guarantee full protection against any error occurring during the course of Personal Data transmission which is beyond Luisa Emma reasonable control.
All the people who have access to Your Personal Data are bound by a duty of confidentiality and subject to disciplinary actions and/or other sanctions if they fail to meet these obligations.
However, it is important for You to exercise caution to prevent unauthorized access to Your Personal Data. You are responsible for the confidentiality of Your password and information appearing on Your account.