Privacy policy
Private Policy
At Fantastick we are committed to protecting your information and using it responsibly. Please read our policy carefully to understand how we collect, use and store your information. It also sets out your rights in relation to your information and who you can contact for more information or queries.
This policy details why we need the personal information we request when you contact us and how we will potentially use it. Developing a better understanding of the people who are in contact with Fantastick allows us to make more effective decisions and communicate more efficiently.
The processing of your information is carried out by or on behalf of NDC Retail LTD who owns Fantastick.
NDC Retail LTD is a registered company in England and Wales (14463818).
This policy has been written in accordance with the General Data Protection Regulation (GDPR) 2018. If you have any questions about the Privacy Policy and how we use your information please contact us: NDC Retail LTD Suite 105 80A Ruskin Avenue, Welling, DA16 3QQ , Email: contact@fantastick.icu
Who this Privacy Policy applies to and what it covers
At Fantastick we are committed to protecting your privacy.
This Privacy Policy sets out how we collect, handle, store and protect information about you when you visit and use our website or interact, post or by email.
When we refer to “our website” or we mean the webpages of www.fantastick.icu. In this Privacy Policy, we may also sometimes collectively refer to handling, collecting, protecting and storing your personal information as “processing” such information.
Our website may contain links to other websites that are not operated by us and outside our control. These websites are not covered by this Privacy Policy and if you access them using the links provided, the operators of these websites may collect information about you. We encourage you to review the Privacy Policy on each of these websites (which may differ from ours) before disclosing any personal information.
What information we collect
We collect information about you when you give it to us. For example, information about your web browser, IP address, time zone, and some of the cookies that are installed on your device or computer. Additionally, as you browse our website, we collect information about the individual web pages or products that you view, what websites or search terms referred you to our website, and information about how you interact with our website.
“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
We collect personal information because we observe or infer that information from the way you interact with Fantastick. For example, we may use cookies and web beacons on our website so as to automatically collect information about your visit. This information will help to improve your experience when using our website and ensure that it is functioning correctly. The information about you which we collect or obtain typically includes the following details about you, including your name, billing address, shipping address, payment information (including credit/debit card numbers, email address, and phone number. Where you receive electronic communications from us such as emails, we also typically gather information about your use of that communication. This includes information on when you open the communication and what links you click on within it. If you unsubscribe to a communication from us, we will also adjust your preferences and retain a record of this so that we don’t contact you inappropriately.
How we use your personal information
We use the information that we collect generally to fulfill any orders placed through our website (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this information to:
· Communicate with you;
· Screen our orders for potential risk or fraud; and
· When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use your device/computer information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our website (for example, by generating analytics about how our customers browse and interact with our website, and to assess the success of our marketing and advertising campaigns). By using our website, you (the consumer) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the consumer) local currency (this will apply when international shipping comes into effect).
Sharing your personal information
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Godaddy to power our online store; you can read more about how Godaddy uses your Personal Information here: https://www.godaddy.com/en-uk/legal/agreements/privacy-policy?target=_blank.
We also use Google Analytics to help us understand how our customers use our website; you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Who we disclose your information to
We typically share your information with:
• Third parties that provide services to us or on our behalf. This includes third parties such as those delivering postal mail, print agencies, sending emails, targeted advertisments or marking communication we believe may be of interest to you, analysing or collecting data, processing credit/debit card payments, providing IT services.
• Regulators, other competent authorities (including courts, tribunals and regulatory and law enforcement authorities) and other parties to whom we are required to disclose your personal information to by law.
• Our professional advisors (including solicitors, accountants and consultants).
• Credit reference agencies and other organisations that help us to make credit decisions and reduce the incidence of fraud.
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at:
http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
· Facebook: https://www.facebook.com/settings/?tab=ads
· Google: https://www.google.com/settings/ads/anonymous
· Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Please note that we do not alter our website’s data collection and use practices when we see a Do Not Track signal from your browser.
Your Data Rights
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through our website), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States. Although they may not be subject to the same data protection laws as companies based in the UK, we take steps to make sure that they provide an adequate level of protection to your personal information in accordance with our obligations under UK data protection law.
How we keep your data safe
We ensure that there are appropriate technical controls in place designed to protect your personal Information. For example, our data and hardware are housed either in a secure data centre, which is accessed via encrypted network connections for protection, or securely in the cloud and encrypted both in transit or at rest. We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff and contractors.
How long we keep your personal information
We will hold your personal information on our systems for as long as is necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.
• The information we hold about you ensures we are able to speak to you as efficiently as possible and in the way you find easiest.
• Financial information for auditing or legal purposes.
How we keep your personal information up to date
Where possible we endeavour to keep your information up to date and we really appreciate it if you let us know if your contact details change.
Amendments
We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
Minors
Our website is not intended for individuals under the age of 14.
Legal grounds we use for processing personal information
We are required by law to set out in this Privacy Policy the legal grounds on which we rely in order to process your personal information.
We generally use your personal Information for the purposes outlined above because: (a) it is necessary for our legitimate interests and does not unduly affect your interests or fundamental rights and freedoms (see below); (b) it is necessary for legal and/or regulatory obligations that we are subject to, such as keeping records for tax purposes or providing information to a public body or law enforcement agency; (c) it is necessary for the performance of a task carried out in the public interest; or (d) in some cases, we have obtained your prior consent.
Examples of the ‘legitimate interests’ referenced above are:
• To prevent fraud or criminal activity (for which we may conduct due diligence research in line with our legal and regulatory obligations and our internal policies and procedures), misuses of our products and services, as well as the security of our IT systems, architecture and networks;
• To exercise our rights under Article17 of the Charter of Fundamental Rights, including our right to property; and
• To conduct market research to better understands our consumer, along with their expectations and perceptions of Fantastick.
To the extent that we process any sensitive personal information relating to you for any of the purposes outlined above, we will do so because either: (a) you have given us your explicit consent to process such information; (b) the processing is necessary for reasons of substantial public interest on the basis of applicable law (for example, where we are required to process personal information to ensure we meet our ‘know your client’ and ‘anti-money laundering’ obligations); (c) the processing is necessary for the purposes of health or social care or treatment on the basis of applicable law; (d) the processing is necessary to carry out our obligations under employment, social security or social protection law; or (e) the processing is necessary for the establishment, exercise or defence of legal claims. The legal grounds for processing sensitive personal information outlined above at (a) to (e) appear at Articles 9(2)(a), 9(2)(g), 9(2)(h) 9(2)(b) and 9(2)(f) of the EU’s General Data Protection Regulation respectively.
Contact us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by email or mail on the address provided above.
If we have been unable to deal satisfactorily with any concerns you may have of how we have processed your Personal Information, you have the right to make a complaint to the UK’s Information Commissioner’s Office or to any other data protection regulator in the place where you live or work, or in the place where you think an issue in relation to your data has arisen. A list of the national data protection regulators can be found here: http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm
