I am Senshi is an independent online retailer that sells clothing items worldwide.
This Privacy Notice describes how I am Senshi, is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you (I.e. the visitor of this website). We are required under the data protection legislation to notify you of the information contained in this privacy notice to provide transparency in the use of your person data.
The below section contains some very important information that will help explain what Personal Data we process and why. To find out more, please visit our ‘about us’ page).
I am Senshi (“I am Senshi “we”, “us”, or “our”) are committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal information during and after your visit of our website.
WHAT IS PERSONAL DATA?
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
WHAT PERSONAL DATA DO WE COLLECT FROM YOU?
During the use of our site you may be asked to provide your contact details such as a name, email, phone number, address, where:
You wish to make a general enquiry, or service information to be provided or where you ask us to contact you, using the contact forms provided on the site.
In some circumstances, we may also collect further details such as, personal interests, date of birth, academic history, personal references, credit/debit card details where:
The personal data you provide us is optional, we endeavour to only collect data that is relevant to the service you have requested or have shown an interest in.
Like many other websites we also utilize automated processing to produce site statistics using Google analytics. This allows us to gain a better insight into the use of our site and help optimize your user experience. The following information is collected on each visit using cookies (See ‘cookies’ section for more details):
Online personal identifiers such as the geographical location and Internet Protocol (IP) address
Internet browser and operating system details
The date and time of your visit
The referral URL and the pages you visit on the site.
This data is collected for statistical and administration purposes only and is stored by Google Analytics. You can prevent google analytics from collecting data at any time by disabling the cookies in your internet browser or by installing the following add on https://tools.google.com/dlpage/gaoptout
Enable you to freely navigate the website and find the information you are looking with ease.
Collect Statistics about our website activity, e.g. how many people visit the website, which pages they look at, what devices they use (PC’s mobile phones etc).
These are the types of Cookies we use:
WordPress – This cookie is issued by WordPress CMS and contains a unique ID to help recognise when an anonymous user attempts to log in. This cookie contains no personally identifiable information. (Necessary)
WordPress CMS – This cookie contains a unique ID that is used to verify that any form requests to the site are coming from valid user sessions. This cookie contains no personally identifiable information (Security)
To opt out from Google Analytics, please visit: https://tools.google.com/dlpage/gaoptout
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit http://www.allaboutcookies.org/
You should note that by deleting or blocking cookies, the Website may not function correctly and you may not be able to access certain areas.
WHY DO WE COLLECT AND STORE YOUR PERSONAL DATA?
We need the categories of information listed above primarily to allow us to perform a contract with you, to enable us to comply with legal obligations or to pursue legitimate interests of our own or those of third parties provided your interests and fundamental rights do not override those interests. You may also have consented to the processing of your data for one or more specified purposes (please note that such consent can be withdrawn at any time).
Some of the grounds for processing may overlap and there may be several grounds which justify our use of your personal information.
We will only use the personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, If we need to use your personal information for an unrelated purpose , we will notify you and we will explain the legal basis which allows us to do so.
We collect or store your personal data where it is considered lawful under the GDPR. We may use your data to:
Provide information and services that you have requested
Respond to contact requests -Store contact details in our secure database, where you have provided this to us (I.e. via the contact form). We will not market emails to you unless you have explicitly agreed to this.
Understand how visitors, interact with our website
Produce statistics to continually improve and develop our site and services
Help prevent online/cyber-crime and fraud and to improve the security of our information systems.
In any event, we are committed to ensuring that the information we collect and use is appropriate for a specified purpose and does not constitute an invasion of your privacy. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA FOR?
We will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, use it for the purpose it was obtained for and not keep it for longer than is necessary. We will determine retention for personal data on a case by case basis and dispose data in a secure manner when required. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure and the purposes for which we process this data.
In some cases, we may be required to retain your personal data in accordance with the law, for fraud prevention, legal or accounting requirements, reporting or where there may be a legitimate business reason in doing so.
How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
WILL WE SHARE YOUR PERSONAL DATA WITH ANYONE?
We may pass your personal data on to third-party service providers or data processors contracted to I am Senshi in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details secure and may be subject to necessary due diligence to ensure confidentiality integrity and availability of the information shared.
We do not allow our third-party service providers to use your personal data for their own purposes. They are only permitted to process your personal data for specified purposes and only in accordance with our instructions. When the data is no longer required to fulfil the service, they will dispose of the details in line with I am Senshi’s procedures. We may share your data with the following:
Government departments, regulatory agencies where reporting is mandatory or a legal requirement.
Google Analytics, a web analytics solution used to provide statistics on the use of our site. The data collected by Google Analytics is anonymised and therefore does not reveal your identity to us. To learn more about Google Analytics and how it processes data please click: https://support.google.com/analytics/answer/6004245?hl=en
Third parties used to facilitate secure payment transactions.
Marketing partners for direct mailing, mail shots or company / order process updates.
Website Host, to ensure ongoing availability, maintenance and security of the site and its information system. (Data centre hosted in the EU)
We will endeavour to keep your personal data secure by taking appropriate technical and organisational measures in preventing unauthorised access or accidental loss by maintaining the confidentiality integrity and availability of the information systems storing your data.
CAN WE PROVIDE THE PERSONAL DATA THAT WE HOLD TO YOU?
We, at your request can confirm what information we hold about you and how it is processed. If we hold personal data about you, you can request the following information:
Identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
Contact details of the data protection officer, where applicable.
The purpose of the processing as well as the legal basis for processing.
If the processing is based on the legitimate interests of, I am Senshi or a third party, information about those interests.
The categories of personal data collected, stored and processed.
Recipient(s) or categories of recipients that the data is/will be disclosed to.
If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
How long the data will be stored.
Information about your right to withdraw consent at any time.
How to lodge a complaint with the supervisory authority.
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
The source of personal data if it wasn’t collected directly from you.
Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
YOUR RIGHTS AS A DATA SUBJECT?
Under the GDPR you as the data subject have the right to:
Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. You will be provided with this information within 1 month of the request.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party.
If you want to request access, review, verify, correct or request erasure or object to the processing or request that we transfer a copy of your personal information to another party, please contact our Data Protection representative in writing or send an enquiry via the contact details provided at the end of this notice.
WHAT FORMS OF ID WILL I NEED TO PROVIDE?
I am Senshi accepts the following forms of ID when information on your personal data is requested:
Photo ID or proof of address or similar
CONTACT & COMPLAINTS
If you have any queries relating to the way we treat your personal data or in the unlikely event you would like to raise a complaint with us, you can do this by emailing: firstname.lastname@example.org accompanied with all the details. Alternatively, you can contact us in writing on: I am Senshi- Data Protection Contact Address: Sunrise House, 1st Floor Unit, Sunbeam Street, Wolverhampton, WV2 4P
If you are not satisfied in how a complaint or query was handled by us, you have the option to raise a concern with the Data Protection Supervisory Authority. More details on this can be found here: https://ico.org.uk/concerns/