Privacy Policy

Lanolips Privacy Policy
United States of America

 

This Privacy Policy sets out how personal information and data may be collected, used, shared and processed by Lanolips Pty Ltd (ACN 128 578 030) “Lanolips”, of Building 14, 122 Lang Road, Moore Park, NSW, 2021, Australia when using the following websites that are owned and controlled by Lanolips:

- lanolips.com
- lanolips.com.au
- lanolips.eu
- lanolips.co.uk

 together, the “Sites”.

By using the Sites, registering with us, submitting your personal information to us,  interacting with us on our relevant social media and purchasing items from – outlets and third party platforms you are freely accepting and consenting to the terms of this policy.  If you do not agree with the provisions of this Privacy Policy please do not use the Sites or submit any personal information to us.

In this Privacy Policy, “Lanolips”, “we,” “us,” “our,” and other similar references means Lanolips, “you” and “your” and other similar references mean any user of the Service, and “Lanolips Affiliates” means any parent, subsidiary, member, officer, director, employee, agent, or contractor of Lanolips or any entity under common control with Lanolips.

We collect, use, store, manage, disclose and protect committed to protecting your personal information in accordance with the terms of this Privacy Policy and Applicable Laws. 

Applicable laws for the purpose of this Policy means: (a) the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2013; (b) General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) (c) to the extent applicable, any legislation ratifying or otherwise adopting the GDPR in the UK, EU, and any applicable associated or supplementary data protection laws or regulations; (d) the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (“APPs”); and (e) the California Consumer Privacy Act 2018 (“CCPA”)

- What information is being collected?
- How and why are we using this data?
- How is it being collected?
- How is your data stored and protected?
- How long do we store your data for?
- How is your data shared?
- What are your rights?
- Social media, Cookies and online advertising
- Changes
- Contact us

What information is being collected?

Lanolips collects personal information about you whenever you shop with us or use our services. Some of this information you give to us directly when, for example, you place an order on one of our websites which allows us to perform our duty to you and ensure a better, personalised experience.

Personal data means any information about an individual from which that person can be identified. It does not include anonymised data, where the identity and identifying information has been removed.

 The following groups of personal data are collected:

- Identity Data includes information such as: first name, last name, title, date of birth (optional), occupation, personal description, photo and gender.
- Contact Data includes information such as: email address, billing address, delivery address, location, country, telephone number, loyalty programme membership number, and social media id (if you log in by social media).
- Financial Data includes information such as: payment card details and bank account.
- Transaction Data includes information such as: details of your purchases and the fulfilment of your orders (such as basket number, order number, subtotal, title, currency, discounts, shipping, number of items, product number, single item price, category, tax etc.); payments to and from you and details of other products and services you have obtained from us, correspondence or communications with you in respect of your orders, and details of any rewards and bonuses awarded.
- Technical Data includes information such as: details of the device(s) you use to access our services, your internet protocol (IP) address, login data, your username and password, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform.
- Profile Data includes information such as: purchases or orders made by you, product and style interests, preferences, feedback, and survey responses.
- Usage Data includes information such as: how and when you use our website/app, how you moved around it, what you searched for; website/app performance statistics, traffic, location, weblogs and other communication data; loyalty programme activities; and details of any other Lanolips products and services used by you.
- Marketing and Communications Data includes information such as: your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not generally collect “sensitive information” as defined by the Privacy Act (such as information about ethnic origin, religious or political views, health information, tax file numbers etc) from you.  If you voluntarily submit sensitive information to us, you consent to our collection of such sensitive information and we will only use or disclose such information: for the purpose for which it was provided or another directly related purpose; or as allowed by law.

How and why are we using this data?

We will only collect and use your personal data for the following purposes, to:

- Provide, improve, and develop our products and services
- Communicate with you
- Offer and measure targeted advertisements and services
- Inform you about our products and services
- Promote safety and security

We will only collect and process your personal data where we have a legal basis to do so. The legal basis for our collection and use of your personal data varies depending on the manner and purpose for which we collected it.

We will only collect personal data from you when:

- we have your consent to do so, or
- we need your personal data to perform a contract with you. For example, to process a payment from you, fulfil your order or provide customer support connected with an order, or
- the processing is in our legitimate interests and not overridden by your rights, or
- we have a legal obligation to collect or disclose personal data from you.

 

Purpose/Activity

Type of data


Lawful basis for processing including basis of legitimate interest

To create an account and register you as a new customer (either directly or via social media).

· Identity

· Contact


· Performance of a contract with you

To process and deliver your order including: recording your order details; keeping you informed about the order status; process payments and refunds, collect money owed to us; and assist fraud prevention and detection.

· Identity

· Contact

· Financial

· Transaction


· Performance of a contract with you

· Necessary for our legitimate interests (e.g. to recover debts due to us)

To process and deliver your order including: recording your order details; keeping you informed about the order status; process payments and refunds, collect money owed to us; and assist fraud prevention and detection.

· Identity

· Contact

· Financial

· Transaction


· Performance of a contract with you

· Necessary for our legitimate interests (e.g. to recover debts due to us)

To manage our relationship with you, including: providing you with any information, products and services that you request from us; notifying you about changes to our services, terms and conditions or privacy notice; asking you to leave a review or take a survey.

· Identity

· Contact

· Profile

· Marketing and Communications


· Performance of a contract with you

· Necessary for our legitimate interests (to keep our records updated and to study how customers use our products and services)

To enable you to take part in a competition, event, survey, or receive a reward for shopping with us.

· Identity

· Contact

· Profile

· Usage

·Marketing and Communications


· Necessary for our legitimate interests (to study how customers use our products and services, to develop them and grow our business)

· Where you have decided to enter into a competition or event, for the performance of a contract with you

To administer, protect and improve our business and our website/app, including: troubleshooting, data analysis, testing, system maintenance, support, data analysis, reporting and hosting of data; setting default options for you, such as language and currency.

· Identity

· Contact

· Profile

· Technical

· Transaction

· Marketing and Communications


· Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, and to detect and prevent fraud)

· Necessary to comply with a legal obligation

To deliver relevant website content, online advertisements and information for you; and measure the effectiveness of the advertising provided.

· Identity

· Contact

· Profile

· Usage

· Marketing and Communications

· Technical


· Necessary for our legitimate interests (to study how customers use our products and services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to: improve our website, products, services, marketing, customer relationships and experiences;

· Technical

· Usage


· Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To recommend products, services discounts and offers that may be of interest to you, including to send you such information by email, post or SMS.


· Identity

· Contact

· Technical

· Usage

· Profile

· Marketing and Communications

· Necessary for our legitimate interests (to develop our products and services and grow our business) or

· Consent


To inform or remind you by email of any task carried out via our website which remains uncompleted, such as incomplete orders or abandoned baskets.

· Identity

· Contact

· Usage


· Necessary for our legitimate interests (to improve the shopping experience of our customers)

  

How is it collected?

Lanolips may collect personal data in the below ways:

- Direct interactions

·  Sometimes you will directly provide us with your personal information in using our Services and Sites. For example, we often ask your name, email address if you sign up with us or enter a competition with us; we ask for your payment and shipping details to fulfil your orders when a purchase is made; or the information you provide when you contact us with an enquiry or feedback.

- Automatic

·  Some data is automatically collected when you visit our Sites or use our Services. For example, we collect information on how often you use the Services, the pages you visit, the links you click, how you have accessed our Sites and Services (including browser and device information) and the items you have put into your shopping cart. We may also collect your location data (as indicated by an Internet Protocol [IP] address).

We may also receive data from our third-party partners and service providers to analyze how users use our Sites and Services. We use this aggregated information to better understand and optimize our Sites and Services for a better user experience.

We may also collect your Personal Information from third parties, including (but is not limited to):

- analytics providers such as Google, Meta and TikTok;
- search information providers such as Google and Bing;
- contact, financial and transaction data from providers of technical, payment and delivery services such as Shopify, Pay Pal and AfterPay;
- where you have agreed with them that your information may be disclosed to us, and with whom we have business relationships;
- law enforcement agencies and other government entities;
- from someone duly authorised to act on your behalf; and
- your referees and/or previous employers, where you have applied for employment with us.

Your personal information will only be collected from third parties if it unreasonable or impractical to collect that personal information from you directly.  If and when we do collect personal information from third parties, we will take reasonable steps in the circumstances to inform you of this collection and obtain your consent.

How is your data stored and protected?

Lanolips ensures that all information collected will be safely and securely stored.

We have appropriate organisational safeguards and security measures in place to protect your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

The communication between your browser and our websites uses a secure encrypted connection wherever your personal data is involved. We encrypt your data and store it on secure servers hidden behind a firewall.

We endeavour to take reasonable steps to enter into agreements with third parties that collect, store, disclose and retain personal information in accordance and require all third parties to respect the security of your personal information and treat it in accordance with the law, we do not allow our third party service providers to use your personal information for their own purposes and only permit them to process it for specified purposes in accordance with our instructions.  

In the unfortunate event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so.

How long do we store your data for?

We will retain your personal data for no longer than is necessary for the purpose(s) it was provided and collected for and to meet our legal obligations. Further details of the periods for which we retain data are available on request via the contact details provided below. 

How is your data shared?

We do not sell, rent, lease or provide your personal information to other entities unless outlined in this Privacy Policy. We may disclose your personal information where you have consented or when disclosure is necessary to achieve the purpose for which it was submitted (as outlined above). In addition, we may receive and disclose personal information from or to other businesses operated by us

We may disclose and share your personal data with the parties set out below:

- where you have consented for us to do so. For example, if you have consented to receive marketing materials from third parties, or in respect of third parties’ (including co-branded or jointly promoted) products and services, we may pass your data on to the relevant third parties for the purpose of sending you such marketing communications;

- to business partners, suppliers, subcontractors and other third parties that we use in connection with the running of our business for the purposes set out in the table above in the section ‘How and why are we using your data?’, such as:

·  third party service providers that we engage to provide IT systems and software, and to host our website;

· third party payment processing services (including Shopify Payments, Stripe, iDeal, Bancontact, and PayPal) to process your payment to us. Lanolips does not store your payment information. Your payment details are provided to the payment processing service you have selected, who are compliant with necessary regulations;

·  third party service providers that we engage to deliver goods you have ordered;

· third party service providers that we engage to send emails and postal mail on our behalf including in relation to incomplete orders or abandoned baskets, or marketing communications, to provide data cleansing services and to provide marketing and advertising services;

·  analytics and search engine providers that assist us in the improvement and optimisation of our website;

· affiliate networks through whom you have accessed our website;

- to any third party to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Policy.

- to protect our customers and websites from fraud and theft, we may share personal data that is required to make identity checks and personal data that we obtain from making identity checks (including data relating to your age, name and location), together with account information, with organisations (including law enforcement agencies), involved in fraud prevention and detection and credit risk reduction. Please note that these third parties may retain a record of the information that we provide to them for this purpose;

- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or

- to our professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.

We may combine personal information we receive about you, with other information we hold about you, including information received from third parties.

We will not use or disclose health information for any purpose other than the purpose for which you provided it to us, or complying with our regulatory and legal reporting obligations.

We may aggregate and anonymize Personal Information so that it will no longer be considered Personal Information. We may retain and share aggregated, anonymized information with partners, advertisers or other third parties without restriction.

Do we use your personal information for marketing?

We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to.  These products and services may be offered by us, our related companies.  

Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication.

Transfer Overseas

We may disclose your personal information to our, third party service providers who provide services to us including data warehousing, credit card processing and e-commerce services, mailing and logistics services or other recipients located overseas including in Australia, UK, Europe, North America.

We ensure that your personal information is protected by requiring all our group companies to follow the same rules when processing your personal data.

The personal data we collect from you may be transferred to, and stored at, destinations in other countries, including Australia,  using legally-provided mechanisms to lawfully transfer data across borders. It may also be processed by staff operating in another country who works for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

If you are a UK or EU resident, you should be aware that many countries do not afford the same legal protections to personal information as countries within the EEA. Transfers will be made in accordance with the applicable legislation and we will take all necessary measures to ensure that third parties involved will provide an adequate level of protection.  Any future hosting/processing organisation that we use in relation to this website will be required to do the same.

By disclosing personal information to us, you acknowledge and consent to these potential transfers.

Access to and correction of your personal information

You may access or request correction of the personal information that we hold about you by contacting us. Our contact details are set out below. There are some circumstances in which we are not required to give you access to your personal information.

There is no charge for requesting access to your personal information but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date and complete.

We are committed to maintaining your privacy and helping you exercise your rights. If you would like to exercise any of these rights in relation to your personal data that we have collected, please contact us via the contact details below.

Please note you may take many of these actions through your Account Settings (e.g. updating your details, cancelling your account), unsubscribing from marketing material you receive (e.g. our marketing emails) and disabling cookies. If you would like more assistance with these, please do not hesitate to contact us via the contact details provided below.

If you prefer not to see customized ads from us, you can opt out by changing your account settings or preferences on such platforms.  If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.  Example may include (but not limited to) Google’s Ad settings page or the Network Advertising Initiative opt out page.

UK and EU Residents

If you are a UK or EU resident, under the European Union (EU) General Data Protection Regulation (GDPR), as a data subject you have the right to:

- request access your data;
- request to have your data corrected where it is inaccurate;
- request restriction of processing;
- withdraw consent to having your data processed;
- request to have your data erased;
- have your data provided in a standard format so that it can be transferred elsewhere;
- request the transfer of your data to a third party (data portability); and
- not be subject to a decision based solely on automated processing.

    Data Subject Rights

    We have processes in place to deal with Data Subject Rights requests.  Our actions and responsibilities will depend on whether we are the controller or processer of the personal data at issue.  Depending on our role as either a controller or processor, the process for enabling Data Subject Rights may differ, and are always subject to applicable law.  Please refer to the contact Details section of this policy if you would like to make a Data Subject Rights request OR have a specific need for assistance with a Data Subject Rights request.

    California Residents

    If you are a resident of California, the processing of your Personal Information by us is likely to be subject to the California Consumer Privacy Act (CCPA) which provides you with certain enhanced privacy rights which should be read in conjunction with this Privacy Policy.

    As a resident of California, the CCPA says that you have the right:

    - to know what Personal Information has been collected, used, and disclosed by us over the prior 12 months.
    - to delete Personal Information held by us, subject to certain exceptions.
    - to opt-out of sale of Personal Information. Consumers are able to direct a business that sells Personal Information to stop selling that information. Children under the age of 16 must provide opt in consent, with a parent or guardian consenting for children under 13.
    - to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.
    - we do not sell Personal Information of customers to third parties. We do permit third parties to collect information for the business purposes described in this Privacy Policy.

      California's "Shine the Light" law (Civil Code Section § 1798.83) also permits California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. 

      To exercise one of the above rights or to find out further information about how we handle your personal information, please contact the Data Protection/Privacy Officer via email hellousa@lanolips.com using the email subject line ‘California Resident Privacy Request’. 

      Children

      While our websites are designed for a general audience, we will not knowingly collect any data from children under the age of 16 or sell products to children. If you are under the age of 16, you are not permitted to use or submit your data to the website. 

      If we learn that we have collected the personal data of a child under 16, or the equivalent minimum age depending on the jurisdiction, we will take steps to delete the data as soon as possible. Please immediately contact us if you become aware that a child under 16 has provided us with personal data.

      SMS, Social Media, Cookies, Affiliate Advertising and Online Advertising

      SMS Marketing

      By subscribing to Lanolip’s text notifications, you agree to receive automated marketing text messages from us about our products and services at the phone number you provided when you subscribed, and that the messages may be sent via automatic telephone dialling system or other technology. Message frequency is recurring. Consent is not a condition of purchase. Message and data rates may apply. Reply STOP, END, OPT OUT, CANCEL, UNSUBSCRIBE or QUIT to opt-out. You may receive an additional text message confirming your decision to opt-out. You understand and agree that attempting to opt-out by any means other than texting the opt-out commands above is not a reasonable means of opting out and may cause delays.

      Social Media

      By interacting with us on the Social Media (including without limitation following us on the Social Media, “liking”, “mentioning”, “tagging”, writing a comment in relation to a page on the Social Media) (“Interacting” or “Interaction” (as applicable)) you are consenting to our interaction with you on the Social Media and the processing of your information accessed on the Social Media. The information about you that may be collected when you Interact with us on the Social Media may include without limitation your name, your user profile, your age, your preferences, choices and viewpoints with regards to the topic or subject matter of the relevant Social Media page, your photos and other images and your videos. Your Interaction with us on the Social Media may also involve you submitting a photo or video of you (“Your Image”). By Interacting with us on the Social Media you consent to us using Your Image for the purposes described when Your Image was requested or as described on the relevant Social Media page.

      Please let us know if at any time you wish us to stop interacting with you on the Social Media or using any of your information on the Social Media by contacting us at the details set out below. By Interacting with us (whether on the Sites, Social Media or otherwise) you consent and grant to Lanolips a perpetual, worldwide, royalty-free license to use Your Image and Contributions for the purposes of promoting, advertising and endorsing Lanolips’ goods and services, including without limitation for the purposes of your participation in any promotional activity for the same, and in any media including without limitation television, Social Media, on our Sites, in print and outdoor advertising materials. We may want to use Your Image and Contributions for additional purposes which will be detailed when we collect Your Image and/or in any promotional terms and conditions which will be featured on our Promotions Terms page.

      Cookies

      “Cookies” are small files used to store information and receive identifiers on web browsers on computers, phones, and other devices. We use cookies to provide, protect, and improve our products and services, such as by personalizing content, offering and measuring advertisements, understanding user behavior, and providing a safer experience for our customers.

      By using the website and services provided by Company Name, you agree to us placing cookies on your device and accessing the information stored within these cookies when you visit or use our services in the future. Further information about cookies can be found here about cookies and similar technologies.

      You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

      Additionally, your visits may be associated with location-based information

      - (i) you manually provide
      - (ii) derived from the IP address of your computer
      - (iii) where you have accessed our website from your mobile device, GPS information where that has been enabled on your device or
      - (iv) the proximity of your laptop computer, mobile wireless device, personal digital assistant, personal communication system, or other communications device (your Personal Communication Device) to the nearest radio tower or cell site.  This information includes when your Personal Communication Device is activated as well as when and how you are using it.  We may collect such data to verify the information you provide to us manually and to provide you with location-based content.  We may also associate it with your existing personal information solely for our internal use in order to improve your experience with us.

      We may also use third-party companies to serve ads and marketing content to you and to measure how relevant this content is to you. These companies may use cookies and other tracking tools on our websites and third-party websites to present personalized advertisements and other messages that may be of interest to you. 

      You can generally opt-out of receiving personalized ads from third party advertisers and ad networks who are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioural Advertising by visiting the opt-out pages on the NAI website and DAA website. Our websites are not currently set up to respond to browser do-not-track signals, but you can configure your browser settings to reject all cookies or prompt you before a cookie is set.

      We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

      Affiliate Advertising

      We partner with Rakuten Advertising, who may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use and sale of your personal data and your rights, please use the below links.

      Rakuten Services Privacy Policy 

      Rakuten Services Privacy Rights Request Form 

      Online Advertising

      We use online advertising to keep you aware of what we’re up to and to help you find our products. Like many companies, we may target banners and ads to you when you use other websites and apps, based on your Contact, Technical, Usage and Profile Data. We do this using a variety of digital marketing networks and ad exchanges, and a range of advertising technologies such as web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some sites and social networks, which may include but are not limited to Facebook’s Custom Audience Service, Instagram, Tik Tok, You Tube, and Google.

      We partner with IronSource, who may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use and sale of your personal data and your rights, please use the below links.

      IronSource Privacy Policy - https://developers.ironsrc.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/

      The Digital Advertising Alliance (which includes companies such as Google, Responsys and Facebook) provides a tool called WebChoices that can perform a quick scan of your computer or mobile devices, find out which participating companies have enabled customised ads for your browser, and adjust your browser preferences accordingly.

      Changes

      We may periodically update this policy for reasons such as regulatory requirements, updating technologies and industry practices. Any minor and non-material changes will take effect immediately upon posting of the Policy. We will notify you about significant changes by sending a notice to the primary email address specified in your primary account holder account or by placing a notice on our site.

      Your continued use of our services after the effective date of the Privacy Policy means that you accept and agree to the changes to the Policy.

      Contact Us

      Please contact us if you have:

      - Any questions or feedback in regard to this Policy and/or its implementation
      - If you would like to update your information
      - If you would like us to stop using your information
      - If you would like to exercise any of your rights detailed above

      Please contact us via hellousa@lanolips.com and we will respond within a reasonable timeframe.

      Lanolips Pty Ltd
      PO Box 144
      Kensington, NSW 1465
      Australia 

       

      If you believe we have not adequately dealt with your complaint, you may complain to:

      Australian residents:  the Privacy Commissioner, whose contact details are found on their website http://www.oaic.gov.au/

      UK or EU Residents:  the Information Commissioner's Office (ICO) either through their website: http://ico.org.uk/ or through the ICO telephone helpline: 0303 123 1113.

       

      This privacy policy was last updated on 4 April 2022.