Information we collect

Information you provide to us

We collect the personal information you provide to us when you purchase our products or visit our website. The categories of information we may collect include:

  • Personal Identifiers, including name, email address, postal address, and telephone number
  • Commercial and Financial Information, including purchases and credit card or debit card number
  • Physical and Audio Data, including physical characteristics or descriptions and audio information
  • Characteristics of Protected Classifications, including age and sex or gender
  • Medical, including medical information
  • Inferences, including inferences from other data

To the extent we process deidentified personal information, we will make no attempt to reidentify such data.

Information collected automatically

We automatically collect internet or other electronic information about you when you visit our website, such as IP address, browsing history and interactions with our website. This data may be collected using browser cookies and other unique personal identifiers.

Browser Cookies. We use cookies to create a better experience for you on our site. For example, cookies prevent you from having to login repeatedly, and they help us remember items you've added to your cart. We also use third-party cookies, which are cookies placed by third parties for advertising and analytics purposes. You can control these cookies through your browser settings.

Information from other sources

We may collect personal information about you from third-party sources, including Other consumers (e.g., referrals) and Retail Partners.

Other consumers (e.g., referrals)

  • Personal Identifiers, including Name, Email address, Postal address, and Telephone number
  • Online Identifiers, including Online Identifiers
  • Physical and Audio Data, including Physical characteristics or descriptions
  • Characteristics of Protected Classifications, including Age and Sex or gender
  • Inferences, including Inferences from other data

Retail Partners

  • Personal Identifiers, including Name, Email address, Postal address, and Telephone number
  • Commercial and Financial Information, including Purchases

How long we keep your data

We do not retain data for any longer than is necessary for the purposes described in this Policy.

We generally retain data according to the guidelines below.

Type of DataRetention Period
Cookies and online data we collect while you use our website, including Online IdentifiersWe delete or anonymize data concerning your use of our website within 7 years of collecting it.
Data we collect in order to process and ship orders you place with us, including Name, Email address, Postal address, Telephone number, Credit card or debit card number, Audio information, Inferences from other dataWe keep personal information related to products and services you purchase for as long as the personal data is required for us to fulfill our contract with you, and for 7 years from your last purchase with us. We may keep data beyond this period in anonymized form.
Data we collect when you contact us for customer support and other inquiries, including Name, Email address, Postal address, Telephone number, Purchases, Credit card or debit card number, Physical characteristics or descriptions, Audio information, Age, Sex or gender, Medical information, Inferences from other dataWe keep customer feedback and correspondence with our customer service for up to 2 years to help us respond to any questions or complaints. We may keep data beyond this period in anonymized form.
Data we collect when you sign up for promotional and marketing communications, including Name, Email address, Telephone number, PurchasesWhere you have signed up to receive promotional and marketing communications from us, we will retain any data collected until you opt out or request its deletion. We may keep data beyond this period in anonymized form. We will further retain a record of any opt-outs in order to prevent sending you future communications.
Data we collect when you review our products, answer surveys, or send feedback, including Name, Email address, Telephone numberWe retain review, survey, and feedback data for up to 7 years following your last contact with us. We may keep data beyond this period in anonymized form to help improve our products and services.
Data we collect in connection with privacy requests, including Name, Email address, Online IdentifiersWe retain records related to privacy requests for a minimum of 24 months following the completion of the request.
Data we collect for security purposes, including Internet Activity, Inferences from other dataWe retain security-related data as long as necessary to comply with our legal obligations and to maintain and improve our information security measures.

How we share and disclose information

Information Disclosed for Business or Commercial Purposes in the Last 12 Months, and Categories of Parties Disclosed To

We may disclose the following personal information about you when you purchase our products or visit our website:

Personal Information DisclosedRecipient (by Category)
Personal IdentifiersAd Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Governance, Risk & Compliance Software, IT Infrastructure Services, Payroll & Benefits Management Software, Sales & Marketing Tools, Shipping Services, and Web Hosting Services
Online IdentifiersAd Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Data Analytics Providers, Governance, Risk & Compliance Software, IT Infrastructure Services, Payment Processors, Sales & Marketing Tools, and Web Hosting Services
Internet ActivityAd Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Data Analytics Providers, IT Infrastructure Services, Payment Processors, Sales & Marketing Tools, and Web Hosting Services
Commercial and Financial InformationAd Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Data Analytics Providers, IT Infrastructure Services, Payment Processors, Sales & Marketing Tools, and Web Hosting Services
Physical and Audio DataContractors, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services
Characteristics of Protected ClassificationsAd Networks, Business Operations Tool, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Data Analytics Providers, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services
InferencesAd Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Contractors, Data Analytics Providers, IT Infrastructure Services, Payroll & Benefits Management Software, Sales & Marketing Tools, and Web Hosting Services

EEA/UK Privacy Notice (GDPR)

This section provides additional information for people in the European Economic Area (EEA) or United Kingdom (UK). ​​The terms used in this section have the same meaning as in the General Data Protection Regulation and the UK Data Protection Act (GDPR). The term “personal information” as used in this notice has the same meaning as “personal data” in the GDPR.

Collection and Disclosure of Personal Data

The personal data we collect is described above in Information we collect. The personal data we disclose for business or commercial purposes is described above in How we share and disclose information. The length of time for which we retain personal data is described above in How long we keep your data.

We may disclose your personal information to the following third party controllers for business purposes: Zenefits, TravelBank, Vested, Wave, Pinterest Ads, Instagram Ads, Concord, Officevibe, Dyno Mapper, Mazars, Apple Pay, Expensify, BDM, PayPal - Pay with PayPal, Venmo, Pay Later, CJ, Forter. To understand how these parties handle your data, please refer to their respective privacy policies.

Lawful Bases and Legitimate Interests

We process personal data on the following lawful bases:

  • Complying with legal obligations
  • Fulfilling contracts
  • Consent
  • Legitimate interests

Where we process personal data on the basis of our legitimate interests, we pursue the following interests: Creating Customer Profiles, Delivering Targeted Ads, Improving our Products & Services, Conducting Surveys, Fulfilling Customer Orders, Internal Business Operations, Meeting Compliance & Legal Requirements, Organizing & Managing Data, Processing Payments, Tracking Purchases & Customer Data, Operating Our Website or Mobile Apps, Preventing Fraud, Providing Customer Support, and Sending Promotional Communications.

International Data Transfers

We may send the personal data of individuals in the EEA/UK to third countries, including the United States, where it may be stored or processed, for example on our service providers’ cloud servers. When we transfer personal data, we rely either on Adequacy Decisions as adopted by the European Commission (EC) on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), Standard Contractual Clauses (SCCs) issued by the EC or International Data Transfer Agreements (IDTAs) approved by the UK Information Commissioner’s Office. Data protection authorities have determined that the SCCs and IDTAs provide sufficient safeguards to protect personal data transferred outside the EEA/UK. You may read more about the SCCs and IDTAs at the following links:

Privacy Rights

Individuals in the EEA/UK have the following rights regarding their personal data. You can exercise your rights using the request form at the top of this page, or by clicking here. Once you submit a request, we will verify your identity and process your request in most cases within 30 days.

Right to access. You have the right to request a copy of the personal data we hold about you.

Right of portability. You have the right to ask us to transfer your data to another party.

Right to rectification. You have the right to request that we rectify any incorrect information we have about you.

Right of erasure. You have the right to request that we erase (delete) any personal information we hold about you.

Right to lodge a complaint with a supervisory authority. You have a right to lodge a complaint with a supervisory authority. For more information, you can visit the Information Commissioner’s Office website at https://ico.org.uk/, or see a list of EU Data Protection Authorities at https://www.gdprregister.eu/gdpr/dpa-gdpr/.

Inquiries

Controller contact information

Sunday Riley UK

moc.yeliryadnus@kuycavirp

Representative Information


If you are located in the EEA or the United Kingdom and have questions about your personal data or would like to request to access, update or delete it, you may contact our representative at:

Bird & bird GDPR Representative Services SRL

Avenue Louise 235

1050 Bruxelles

Belgium

moc.sdribowt@yeliRyadnuS.evitatneserperUE

Key contact: Vincent Rezzouk-Hammachi

Bird & Bird GDPR Representative Services UK

12 New fetter Lane

London

EC4A 1JP

United Kingdom

moc.sdribowt@yeliRyadnuS.evitatneserperKU

Key contact: Vincent Rezzouk-Hammachi”