SUMATO WATCHBOX WEBSITE (OUR "WEBSITES")
The relevant controller above is responsible for your personal data. Our brands each have their own websites. This policy provides information to you about the basis on which Sumato Watchbox collects, uses, stores and shares your information. We will use your personal data fairly, lawfully and in a transparent manner and in accordance with the Data Protection Laws.
Data controllers within Sumato Watchbox may send you marketing messages by email, social media post, SMS or mail about us and our products; where you have not unsubscribed and where you have purchased similar products and/or services from us, or where you have otherwise signed up, or consented, to receive marketing messages from a Sumato Watchbox.
You have the right to withdraw your consent at any time by contacting our customer care team at firstname.lastname@example.org.
INFORMATION WE COLLECT ABOUT YOU
If you have an account with us or make a purchase online with us, we collect your name and contact details (including your address, telephone number, details about your order, and your billing information (where you are purchasing products)).
We also collect details of your interactions with us through our customer contact centers, online or via our apps. For example, when you telephone one of our contact centers, we collect notes of our conversations with you and details of your query and from time to time we may record your calls for training and monitoring purposes. We also collect information about the purchases that you make, your saved items, your payment information, ay complaints and comments that you make and your shopping preferences.
Each time you visit one of our websites, we will also automatically collect information and personal data about your computer for system administration including, where available, your IP address, operating system, and browser type. We do this to help us analyze how users use our websites (including behavior patterns and the tracking of visits across multiple devices), to establish more about our website users and to assist us in managing your account and improving your online experience. We also collect information about you activities on our websites, for example, what device you are using and what products you're looking at.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
Cookies Necessary for the Functioning of the Store:
|_ab||Used in connection with access to admin.|
|_orig_referrer||Used in connection with shopping cart.|
|_secure_session_id||Used in connection with navigation through a storefront.|
|Cart||Used in connection with shopping cart.|
|cart_sig||Used in connection with checkout.|
|cart_ts||Used in connection with checkout.|
|checkout_token||Used in connection with checkout.|
|Secret||Used in connection with checkout.|
|Secure_customer_sig||Used in connection with customer login.|
|storefront_digest||Used in connection with customer login.|
Reporting and Analytics:
|_landing_page||Track landing pages.|
|_orig_referrer||Track landing pages.|
|_shopify_sa_p||Shopify analytics relating to marketing & referrals.|
|_shopify_sa_t||Shopify analytics relating to marketing & referrals.|
|tracked_start_checkout||Shopify analytics relating to checkout.|
WHERE WE GET YOUR INFORMATION FROM
We collect some of your information directly from you, either through information that you give us or information that we collect during your visits to our websites or through your communication with us.
|Information that you give us||
You may share personal data about yourself with us by:
• filling in forms on our websites, including when you purchase products online, submit queries to us, create an account on one of our websites and/or sign up to receive promotional material and newsletters;
|Information that we collect about you||
We collect personal data about you:
• when you visit our websites, including details of your visits to our websites including, but not limited to, Internet Protocol (IP) address used to connect your computer to the internet, MAC addresses, traffic data, location data, your login information, time-zone setting browser type and version, browser plug-in types and versions, operating system and platform, weblogs, cookies and other communication data, and the resources that you access.
|Information that we receive from other sources||
We will receive personal data about you from other third parties, including:
• in connection with any mergers or acquisitions where we obtain your information from another company.
WHY WE NEED YOUR INFORMATION
The main purpose for which we use your information is to provide you with the products that you purchase from us and to send you offers and promotions that you might be interested in.
In particular, we use your information:
BASIS FOR USING YOUR INFORMATION
Compliance with legal obligations
As a company, there are certain laws we need to comply with. In particular, we will need to process your personal information to verify your identity and for fraud and crime prevention purposes. Failure to provide the requisite personal information on sign-up / as you use our websites may mean we cannot provide our products to you, as to allow you to purchase our products may mean we may be in breach of our legal obligations. You will not be able to object to processing or ask for the deletion of your personal information insofar as it falls under this category.
Necessary for the entry into or performance of a contract
When you enter into a transaction with us or one of our brands, a contract between you and the relevant brand will have been entered into. In order for us to fulfill our obligations under such contract (e.g. to allow you to place an order and receive products from us), we will need to collect and process your personal information. Failure to provide the requisite personal information on sign-up to an account or on placing an order and payment information or objecting to this type of processing / exercising your deletion rights will mean we cannot provide our products to you.
Legitimate business interests
• provide you with products as requested by you;
• develop and improve our products.
As indicated below, we may also pass your personal data to third parties and this is also for our legitimate business interests.
We are required to carry out a balancing test of our legitimate business interests in using your personal data outlined above against your interests and rights under the Data Protection Laws and regulations in the relevant territory. As a result of our balancing test, which is detailed below, we have determined, acting reasonably and considering the circumstances, that we are able to process your personal data in accordance with the Data Protection Laws on the basis that we have a legitimate business interest.
We have a legitimate interest in processing your information as:
• we both benefit from the effective management of your account(s) (where applicable);
|Impact of processing||We consider that it is reasonable for us to process your personal data for the purposes of our legitimate interests outlined above as the processing of your personal data does not unreasonably intrude on your privacy.|
As set out above, we will send you marketing communications where you have not told us that you wish to unsubscribe and where you have purchased similar products and/ or services from the same brand or legal entity (as set out in the table above). You will also receive marketing communications from us where you have signed up, or otherwise consented, to receive marketing messages from Sumato Watchbox.
WHO WE SHARE YOUR INFORMATION WITH
We do not, and will not, sell any of your information to any third party, including your name, address, email address or credit card information. However, we do share your information with a number of select third parties to enable us to provide our products and services to you, to send marketing information and to improve our business operations as set out below.
We will also use a number of carefully selected third parties to help us provide you with products, services and to market to you. In particular, we disclose your information to:
We will only share your information with third party suppliers where it is necessary for them to provide us with the services we need.
We may also need to disclose personal data to third parties to comply with a legal or regulatory obligation, or if necessary for legal proceedings.
AUTOMATED DECISIONS that WE MAKE ABOUT YOU
We carry out some profiling of you for the purposes of improving and developing our products and services and to help us to tailor our marketing to you.
The impact of any automated decision is to ensure you experience the best service possible.
We use information that we learn about you such as your gender, preferences, hobbies, interests and purchase history to make sure the marketing you receive from us and the way our websites are displayed to you are appropriate and tailored to you.
WHERE IS YOUR INFORMATION STORED AND HOW LONG DO WE KEEP IT FOR?
Transfers outside of the European Economic Area
The information which we collect about you may be transferred outside the European Economic Area. In the event of such transfer, we will ensure the adequate standard of security is in place for example by incorporating the European Commission approved clauses into our agreements with such third parties to ensure the security of your personal data. A copy of the European Commission approved model clauses is available here.
Retention of your personal data
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we will also keep hold of some of your information, even it is no longer needed to provide the services to you.
Security of your personal data
Transmission of information via the internet is not and cannot be completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
WHAT NON-PERSONALLY IDENTIFIABLE INFORMATION DO WE COLLECT?
We may also collect non-personally identifiable information (that is, information that does not specifically identify you), for the purposes of aggregates and statistics.
In some instances, we may be unable to carry out your request, in which case we will contact you to explain why.
|You have the right to request confirmation that your personal data is being processed, access to your personal data (through us providing a copy) and other information about how we process your personal data.|
|You have the right to request that we rectify your personal data if it is not accurate or not complete.|
|You have the right to ask us to erase or delete your personal data where there is no reason for us to continue to process your personal data. This right would apply if we no longer need to use your personal data to provide products to you, where you withdraw your consent for us to send you marketing information, or where you object to the way we process your personal data (see right 6 below).|
|You have the right to ask us to restrict or to block the processing of your personal data that we hold about you. This right applies where you believe the personal data is not accurate, you would rather we block the processing of your personal data rather than erase your personal data, where we don't need to use your personal data for the purpose we collected it for but you may require it to establish, exercise or defend legal claims.|
|You have the right to obtain and reuse your personal data from us to reuse for your own purposes across different services. This allows you to move personal data easily to another organization, or to request us to do this for you.|
|You have the right to object to our processing of your personal data on the basis of our legitimate business interests, unless we are able to demonstrate that, on balance, our legitimate interests override your rights or we need to continue processing your personal data for the establishment, exercise or defense of legal claims.|
|You have the right to object to any automated decision making, including profiling, where the decision has a legal or significant impact on you.|
|You have the right to withdraw your consent where we are relying on it to use your personal data, for example where we are relying on your consent to send you marketing information.|
We will honor your request to:
If you are resident in the EEA, you also have the right to:
You can make a request to exercise any of these rights in relation to your Personal Information by sending the request by email to email@example.com
If you are in the EEA, you also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. Please click here for a list of contact details for the EEA data protection authorities.
We always give you the choice of whether or not you wish to receive marketing communications from us.
By contacting us on firstname.lastname@example.org you can tell us that you do not wish to receive marketing communications from us and we will update your records. You can also click on the unsubscribe link in all of our promotional emails.
Privacy-related questions and concerns
Our websites may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or your use of those websites.
This policy was last reviewed and updated in June 2018.