Privacy Policy
Privacy Policy and Data Processing Principles
As ebebek UK Retail Services Ltd. (“The Company”) and all ebebek companies (“together will be hereinafter referred as “Companies”), the protection and security of your personal data are at paramount important to us.
Therefore, we are constantly reviewing our data processing activities and revising our policies in accordance with the applicable legislation in our present markets.
This Privacy Policy and Data Processing Principles (“Privacy Policy”) in our company websites (“Websites”) are also reviewed in accordance with UK General Data Protection Regulation (“GDPR”) and applies to all Websites, apps, events and to any other services owned and operated by the Companies.
- Data Processing Principles
- Information Automatically Collected. When you access our Websites, we and our possible third party partners automatically record information from your device and its software, such as your IP address, browser type, Internet service provider, platform type, the site from which you came and the site to which you are going when you leave our website, date and time stamp and one or more cookies that may uniquely identify your browser or your account. When you access our Services using a mobile device, we may also receive or collect identification numbers associated with your device (such as a unique device ID, IDFA, Google AdID), device type, model and manufacturer, mobile device operating system brand and model, phone number, email address, and other apps that you have downloaded ("Technical Data").
- Information Provided by Others. We may link or combine the personal data we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.
- Anonymization. We may anonymise and aggregate any of the personal data we collect (so that it does not directly identify you). We may use anonymised information for our business purposes including testing our IT systems, research, data analysis, improving our services and developing new products and features. We may also share such anonymised information with others.
Where you do not provide the personal data, we may not be able to provide you the related services; as it may depend on this information.
- How We Collect and Use Your Data
The main reason we use your information is to deliver what we offer and constantly improve our services. Additionally, we use your information to help keep you safe and to provide you with advertising that may be of interest to you.
Generally, we will use your personal data in the following circumstances:
- Where you have given consent for us to use your personal data, for the stated purposes like; marketing, sales, sweepstakes and any sort of informative reasons,
- Job applications directly from our Websites and/or via company e-mail accounts and any sort of communication deriving from contact forms or written enquiries,
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests,
- Where we need to comply with a legal or regulatory obligations.
When the public area of the website is used, the user’s automatically anonymised IP address is saved. As a result of the anonymization, it is impossible to identify the anonymised user and tracking their movement on the website does not allow for any conclusions to be drawn about a specific user.
- Withdrawing your Consent
You may withdraw your consent fully or partially at any time by contacting us from; data@ebebek.co.uk or from any contact details at our Websites.
- Marketing Purposes and Newsletter
From time to time we may contact you with relevant information about our services and products. Most messages we send will be by email. For some messages, we may use personal data we collect about you to help us determine the most relevant information to share with you.
Newsletter
We only contact you once you will provide us your name-surname and e-mail address, which will be deemed as explicit consent to subscribe to our Newsletter.
We use the double opt-in process for our newsletter registration. This means that after your registration we send an email to the email address specified by you; in this email we request your confirmation that you desire to be sent the newsletter. If you do not confirm your registration within 24 hours your data is automatically deleted. Furthermore, we also save your used IP addresses and the times of your registration and confirmation. The purpose of this process is to verify your registration and to possibly explain any mis-usage of your personal data.
If you do not want to receive Newsletters and other messages from us, you will be able to tell us by selecting certain boxes on forms we use when we first collect your contact details. You can change your marketing preferences by clicking on the unsubscribe link at the bottom of our emails or sending an e-mail to; data@ebebek.co.uk
- Disclosure of Your Information to Third Parties
We may have to share your personal data with the parties set out below;
- Disclosure to Protect Abuse Victims. We reserve the right, but have no obligation, to disclose any information that you submit to the Websites, if in our sole opinion, we suspect or have reason to suspect, that the information involves a party who may be the victim of abuse in any form. Abuse may include, without limitation, elder abuse, child abuse, spousal abuse, neglect, or domestic violence. Information may be disclosed to authorities that we, in our sole discretion, deem appropriate to handle such disclosure. Appropriate authorities may include, without limitation, law enforcement agencies, child protection agencies, or court officials. You hereby acknowledge and agree that we are permitted to make such disclosure.
- Technology Services Providers, including infrastructure partners (such as AWS), customer support service providers, analytics service providers, cybersecurity partners, fraud analytics companies, payment providers, chargeback representation services and similar partners.
- Advertising networks and technology companies that measure advertising performance and attribution.
- Third parties, including consultants, who we engage to provide services on our behalf or to jointly provide services to you, including but not limited to contests and sweepstakes, marketing outreach and analytics, customer support, safety checks, and payment services (such as Cyber Source).
- Social Networks, such as Facebook, where you have given permission to do so or where you have used your social network account to log-in to the pages of any Companies. If you have chosen to do this, your data will be governed by the privacy policy of that social network.
- To, in our discretion, (i) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (ii) enforce our Terms of Service, including the investigation of potential violations thereof, (iii) investigate and defend ourselves against any third party claims or allegations, (iv) protect against harm to the rights, property or safety of the Companies, its employees or the public as required or permitted by law and (v) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
- In connection with any company transaction, such as a merger, sale of assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party or in the event of bankruptcy, dissolution, divestiture or any related or similar proceedings; and
- We require all third parties to respect the security and privacy of your personal data and to treat it in accordance with the law. However, we are not responsible for those third parties.
- International Transfers
The personal data we collect may be transferred to, and processed and stored in, countries outside of your local jurisdiction. If you are located in the European Union ("EU"), your personal data may be processed outside of the EU, including, for example, in Thailand or in Turkey; these international transfers of your personal data are made:
- to a country or territory ensuring an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data as determined by the European Commission; or
- pursuant to appropriate safeguards, such as the Standard Contractual Clauses and Corporate Binding Rules, approved by European Commission Decision C(2010)593 or any subsequent version thereof released by the European Commission
If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this Privacy Policy.
- Security
We have extensive security measures in place to protect the loss, misuse and alteration of the information stored in our database. These measures include the use of Secure Socket Layer (SSL) and administrative access to site data as well as other proprietary security measures which are applied to all repositories and transfers of user information. We will exercise reasonable care in providing secure transmission of information between your computer and our servers, but given that no information transmitted over the Internet can be guaranteed 100% secure, we cannot ensure or warrant the security of any information transmitted to us over the Internet and hence accept no liability for any unintentional disclosure.
- Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for (as set out above), including for the purpose of satisfying and legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
- Your Rights under GDPR
You may have certain rights under GDPR in relation to your personal data. You have the rights to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the accuracy of the personal data; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need the personal data for the purposes set out above, but we are required by you for the establishment, exercise or defence of legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain features of the services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of these rights, you can contact us from our Websites.
- Cookies and Similar Tracking Technics
- We use cookies and similar technologies to distinguish you from other users of the Service. This helps us to provide you with a good experience when you browse the Websites and also allows us to improve.
- A cookie is a small data file that we transfer to your device's hard disk (such as your computer or smartphone) for record-keeping purposes.
- We use the following types of cookies:
- Strictly necessary cookies. These are cookies that are required for the essential operation of the Website such as security measures.
- Functionality cookies. These are used to recognise you when you return to the Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it, and the marketing messages we send to you more relevant to your interests. We may also share this information with third parties who provide a service to us for this purpose.
- Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our website. These third parties are responsible for setting out their own cookie and privacy policies.
- The cookies we use are designed to help you get the most from the Service but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse cookies you may not be able to use the full functionality of the Service. These settings will typically be found in the “options” or “preferences” menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the “Help” option in your browser for more details.
- If you only want to limit third party advertising cookies, you can turn such cookies off by visiting the following links (please bear in mind that there are many more companies listed on these sites than those that drop cookies via our website):
- Your Online Choices ( http://www.youronlinechoices.com/ )
- Network Advertising Initiative (http://www.networkadvertising.org/)
- Digital Advertising Alliance (http://www.aboutads.info/consumers)
- If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative's online sources at www.networkadvertising.org.
- Links to Third Party Sites
The Website may, from time to time, contain links to and from third party services. If you follow a link to any of these services, please note that these services have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those services.
- Our Policy Towards Children
The Website is not directed at persons under 16 and we do not knowingly collect personal data from persons under 16 or from any change that can be deemed as child in your jurisdiction.
- Changes to This Policy
We evaluate our privacy policies and procedures to implement improvements and refinements from time to time. Accordingly, we may update this Privacy Policy and so you should review this page periodically. If we make material changes to this Privacy Policy, we will update the "last updated" data at the start of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.
- Notices
If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on the communication. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this Privacy Policy.
- Contact Details
Questions, comments and requests regarding this Privacy Policy are welcome and should be sent to:
ebebek UK Retail Services Ltd.
Address: C/O Ida & Co Building 3, Chiswick Business Park, 566 Chiswick High Road W4 5YA London, England
Call Center: +44 (0) 2039 546 393
E-mail: data@ebebek.co.uk