Privacy Policy

Occasionally, we may also hold and use ordinary personal data: in the public interest for the detection or prevention of crime; or where needed to protect your vital interests or those of another person. We may also occasionally hold and use special category data: to establish, exercise or defend a legal claim; where needed to protect your interests (or someone else’s interests) where you are not capable of giving your consent; or where you have already made the information public.

Sometimes we may use your personal data for purposes that are different from or incompatible with those for which we collected it. If we do this, we will notify you and explain our legal ground for using your data in this way, as required under data protection law.

How do we collect your personal data?

You provide us with most of the personal data about you that we hold and use.

Some of the personal data about you that we hold and use may come from external sources. For example: when we offered you a job, we may have collected references from previous employers; we may obtain information about you from publicly available sources such as your LinkedIn profile or other media sources.

If you give us someone else’s personal data

Sometimes, you might provide us with another person’s personal data. In such cases, we require you to inform the individual what personal data of theirs you are giving to us. You must also give them our contact details and let them know that they should contact us if they have any queries about how we will use their personal data.

Who do we share your personal data with?

We will only share your personal data with third parties where we have an appropriate legal ground under data protection law which permits us to do so.

How long will we keep your personal data?

We will not keep your personal data for longer than we need it for our legitimate purposes.

We take into account the following criteria when determining the appropriate retention period for personal data:

  • the amount, nature, and sensitivity of the personal data
  • the risk of harm from unauthorised use or disclosure
  • the purposes for which we process your personal data and how long we need the particular data to achieve these purposes
  • how long the personal data is likely to remain accurate and up-to-date
  • for how long the personal data might be relevant to possible future legal claims
  • any applicable legal, accounting, reporting or regulatory requirements that specify how long certain records must be kept.

Your rights

You have a number of legal rights relating to your personal data, which are outlined here:

  • The right to make a subject access request. This enables you to receive certain information about how we use your personal data, as well as to receive a copy of it and to check that we are lawfully processing it.
  • The right to request that we correct incomplete or inaccurate personal data that we hold about you.
  • The right to request that we delete or remove personal data that we hold about you where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • The right to object to our processing your personal data where we are relying on our legitimate interest (or those of a third party), where we cannot show a compelling reason to continue the processing
  • The right to request that we restrict our processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • The right to request that we transfer your personal data to you or to another party, in a structured format. This right applies in respect of data that you have provided where our legal ground for using the data is that it is necessary for the performance of a contract or that you have consented to us using it (this is known as the right to “data portability”).
  • The right to object to a decision based on profiling/solely automated decision-making, including the right to voice your opinion, and obtain human intervention in the decision-making.

If you would like to exercise any of the above rights, please contact Lynne Givan in writing at: lynne@effortlessboutique.co.uk

Note that these rights are not absolute and in some circumstances we may be entitled to refuse some or all of your request.

If you have any questions or concerns about how your personal data is being used by us, you can contact the Data Protection Lead.

Note too that you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website: https://ico.org.uk