• Below, you can find information about your rights regarding the Personal Data we collect from you.
We do not knowingly collect or solicit Personal Data from anyone under the age of 18. If you are under the age of 18, please do not use the Services or attempt to send us any Personal Data. If we learn that we have collected Personal Data from someone under the age of 18, we will delete that information as quickly as possible, as stated in our Terms of Service.
The Services are operated in the United Kingdom by Bret's Corporation Ltd. and certain of our service providers. By using the Services, you acknowledge that any Personal Data you provide to us will be hosted on United Kingdom servers. Bret's Corporation Ltd
PERSONAL DATA YOU PROVIDE US
We collect your email address and the password you enter when you register for an account with us, and we use them to verify your identity, based on our legitimate business interests in keeping your account secure and preventing fraudulent transactions.
We also use your email address:
• to send you confirmations, notifications and other information regarding your account, your shave plans and your purchases, as may be necessary to complete our contractual obligations to you. Without your email address, we wouldn't be able to provide you this information in a timely and effective manner;
• We may use your Personal Data to send you information and materials about us, our products, and our services that we think may be of interest to you, based on our legitimate business interest in marketing to individuals who have shown an interest in our products and services. You can opt-out of receiving such information during the registration process or at any time by emailing us at sales@bret's.com or by calling us at 01707 321 823.
• We may send you information and materials about third parties with whom we partner or do business, and their products and services, but only if you have given us your consent to do so. You can choose to receive such messages when you register an account with us, and you can always decide to stop receiving these emails by contacting us at email@example.com or calling us at 01707 321 823.
If you choose to register for or access the Services using Third Party Services, such as Facebook, we may collect and receive your login credentials for such Third Party Service. This is only done if you expressly provide us with such information, and we will only use it for the purposes described above. We recommend that you review your privacy settings on any Third Party Service and their privacy policies to understand more about disclosures of information from your applicable Third Party Services.
SHIPPING AND PAYMENT INFORMATION
When you sign up for a shave plan or make a purchase through our Services or by phone with one of our customer service representatives, we will need to collect certain information from you, including your first and last name, shipping address, and telephone number (together referred to as "Shipping Information"). We will also collect payment information from you, such as your billing address and credit or debit card details, including the card type, number, security code, and expiration date (together referred to as "Payment Information"). We use this information to process, confirm, fulfill, and inform you about your shave plans and orders, as required to complete a contract with you. If we don't have this information, we won't be able to complete your purchase and deliver your products to you.
We utilize your Payment Information to authenticate your identity when you manage your account, shave plan, or orders, or when you place a new order, as part of our legitimate business interests to maintain the security of your account and prevent fraudulent transactions. As previously mentioned, we do not retain your Payment Information ourselves. It is stored by our Payment Processor, and we must obtain your Payment Information from our Payment Processor or from you to confirm your identity or to process and fulfill your shave plans.
Our legitimate business interest in making the Services more convenient for your continued use involves the use and storage of your Shipping Information. This information is used to facilitate your purchases or shave plan sign-up processes, making it easier for you to engage with our Services.
We may utilize your name and shipping address to send you information and materials about our products and services that we think might be of interest to you. This is based on our legitimate business interest in marketing to individuals who have shown interest in our products and services. You can choose not to receive such communications when registering an account with us, and you may also stop receiving them at any time by contacting us at firstname.lastname@example.org or calling us at 01707 321 823.
If you give us your consent to do so, we may share your name and shipping address, as well as certain transactional information (including transaction date, value, amount, type, and order ID) with Epsilon Abacus. Epsilon Abacus provides data cooperative and marketing services to a group of retailers known as the Abacus Alliance, whose members may use the shared information to better market to existing and prospective customers. The transactional information is aggregated so that details of individual transactions are not shared. We share this information with Epsilon Abacus to help them analyze your buying patterns and determine which products are likely to appeal to you. Epsilon Abacus then shares your name and shipping address with Abacus Alliance Members who may offer such products. This sharing of information is based on our and their legitimate interest in marketing our products to individuals who have expressed an interest in our products and services.
When registering an account with us, you have the option to agree to share your information with Epsilon Abacus and the Abacus Alliance. If you do so, your name and shipping address, along with transactional information, will be shared with the Abacus Alliance Members for the purpose of analyzing your buying patterns and providing you with information about products likely to appeal to you. By agreeing to share this information, you also agree to receive information and materials by post from other Abacus Alliance Members, which are limited to retailers in the clothing, collectibles, food and wine, gardening, gadgets and entertainment, health and beauty, household goods, and home interiors categories. It is important to note that the list of retailers in the Abacus Alliance may change periodically.
If you no longer wish to share your information with Epsilon Abacus and the Abacus Alliance or to receive materials by post, you can contact us at sales@bret's.com or call us at 01707 321 823. Additionally, you may wish to register with the Mailing Preference Service (MPS), a free service funded by the direct mail industry, to have your name and home address removed from mailing lists. This will help you to stop all unsolicited postal communications. For more information or to register with the MPS, please visit their website at www.mpsonline.org.uk..
INFORMATION YOU SHARE WITH US IN COMMUNICATIONS OR INTERACTIONS
Whenever you contact us or our customer service representatives via the Services, such as through email, phone, or messaging, we keep a record of your communication to assist you with your queries or complaints regarding our products and services. We may also use this information to train our customer service representatives, as part of our aim to provide you with high-quality customer service. Moreover, we use the information you provide us to handle your account-related requests, including those related to your shave plans and purchase orders. This is necessary to fulfill our contractual obligations to you, and without this information, we may not be able to address your requests. If you respond to a survey or leave a comment or review about us, our products, or the Services, we also record and analyze your feedback to assess and address your concerns, based on our legitimate business interest in delivering quality products and services to our customers.
OTHER PERSONAL DATA WE RECEIVE ABOUT YOU
We collect certain information about you automatically when you access or use our Services, or when you interact with us through other websites or mobile applications. This information includes data that is automatically generated by your device or web browser, such as your IP address, browser type, operating system, referring URLs, pages visited, and device identifiers. We also collect information from third-party sources, such as advertising and analytics companies.
When you use or access the Services, we gather data from your web browser, such as your device's settings, unique identifiers, and IP address. This information helps us to identify your approximate location accurately and reliably, and aids us in providing you with Services and information that are relevant to you. We collect this data based on our legitimate business interest in improving our Services and understanding how they are being used.
We utilize Cookies to gather data about your internet usage, which includes your internet protocol (IP) address, internet service provider, browser type and version, the pages you visit and the links you click on our Services, the page you were referred from or the page you land on after leaving our Services, and device-specific information if you use a mobile device, such as unique device identifiers, network information, and hardware model (collectively referred to as "Cookie Information"). We do this to:
• h_cart: notes the contents of your cart before checkout so that if you navigate away from your basket and return to us, we will remember what was in your cart;
• h_sess: identifies you to our servers after you log in to your account;
• flash: temporarily stores messages and alerts that we display on-screen to you;
• h_personalization: identifies your relationship with us (e.g., whether you have previously made a purchase from us or signed up for a shave plan);
• followed_incentive_code: this Cookie is delivered by us to verify that a referral link is genuine so that we can credit your account accordingly. Without this Cookie, we cannot authenticate the code and the credit cannot be applied;
• h_geoip: determines from which country you are accessing the site so that we can present a country-specific experience (e.g., currency, language, products, shipping options);
• h_public: stores your public user ID which helps us serve a personalized site experience;
• h_mobile: determines if you are on a mobile device to serve a mobile optimized site experience;
• h_signed_once: remembers if you have logged in before to default your login option to login instead of create account;
• h_user: identifies you as being logged-in;
• h_dc: remembers if you applied a discount code to apply that discount at checkout;
• referrer, utm_source, h_p_utm_source, utm_medium, h_p_utm_medium, utm_campaign, h_p_utm_campaign, h_p_utm_term, h_p_utm_content and h_p_eid: identify from which campaigns visitors to our website originated;
• h_gdpr_cookie_agree: remembers if you agree to being tracked via Cookies; and
• multi_step_builder_state: remembers your progress in completing the checkout experience for a subscription;
• h_membership_seen: remembers if you have seen the Core Membership program;
• h_churn_redirected: remembers if you have already been redirected to profile page upon visiting Bret's.com within the last 30 days;
• We use "performance/analytical cookies" to analyze how visitors use our Services, such as by tracking the number of visitors to our website, the pages they view, and how long they stay on each page. This helps us improve and maintain the accessibility and functionality of our Services, based on our legitimate business interest. These cookies are persistent and may collect information about your online activity after you leave our Services. We also use them to measure the effectiveness of our advertising campaigns and to improve the content on our Services to better market our products and services to interested individuals. We rely on third-party providers to deliver these services. Examples of our performance/analytical cookies include:
• h_eph_sess: a short-lived unique identifier that we use to see if you arrive to our website and whether this could be linked to any offline advertising like TV or radio advertisements;
• h_custype: lets us know if you have purchased from us in the past, so that we can show you relevant information on our website;
• ga: Google Analytics session information, a third party Cookie served by Google; and
• gid: Google Analytics user identifier, a third party Cookie served by Google.
If your browser has a "Do Not Track" or "DNT" option, this allows you to signal to Third Party Service operators that you do not want them to track certain of your online activities across different websites over time. However, as we collect persistent identifier and browsing data, our Services are not currently compatible with DNT requests. This means that we may collect information about your online activity both during and after you use our Services. It is important to note that some Third Party Services may also not support DNT requests, so you should review their privacy policies for further information.
You have the option to accept or reject most Cookies. You can delete Cookies and turn off the Cookie feature in your browser's "preferences" or "options" section, which will prevent your browser from accepting new Cookies and give you the ability to decide whether to accept each new Cookie in various ways. If you decide to turn off the Cookie feature, you can prevent us from collecting your Cookie Information by not using the Services. However, please note that some of the Services may not work correctly if you choose to stop us from collecting your Cookie Information.
If you'd like to know more about Cookies, including information about how to manage, disable and delete them, you can visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, https://ico.org.uk/for-the-public/online/cookies/, http://www.youronlinechoices.com/uk/ or http://www.allaboutcookies.org/.
ADDITIONAL INFORMATION ABOUT INTEREST-BASED ADVERTISEMENTS
We display advertisements on our Services and work with third-party ad networks, including ad servers, agencies, technology vendors, and research firms, to serve advertisements. These ads may be targeted to users who fit certain general profile categories or exhibit certain preferences or behaviors (known as "Interest-Based Ads"). We may receive information for Interest-Based Ads, including Personal Data, from you or from the usage patterns of particular users on our Services and/or Third Party Services over time. Cookies, including web beacons, may be used by us or our third-party service providers to gather this information and enable ad networks to view, edit, or set their own Cookies on your browser to serve Interest-Based Ads when you visit other websites. Web beacons also allow us and our advertisers to receive anonymized, aggregated auditing, research, and reporting about advertisements. Please note that you can choose to stop us from collecting your Cookie Information by turning off the Cookie feature on your browser or by ceasing to use our Services. You can also opt out of Interest-Based Ads sourced by Google using Google's Ads Settings. For more information on how to make choices about Interest-Based Ads from participating third parties and to learn how to opt-out of receiving them from participating organizations, please visit the user information website of the European Interactive Digital Advertising Alliance.http://www.youronlinechoices.eu/.
LINKS AND CONFIRMATIONS
If you open a Message sent by us, such as an email, SMS, MMS, or push notification, or click on any links within the Message, we receive a confirmation of when and that you did so, as well as Cookie Information. Similarly, if you click on any links anywhere else within our Services, such as on our website or branded social media pages, we receive confirmation and Cookie Information. We collect this information to evaluate the effectiveness of our marketing campaigns and Messages, to better understand our audience, and to learn about your preferences, all based on our legitimate business interest in promoting our products and services to individuals who may be interested in them. If you wish to stop receiving Messages from us, you can do so by contacting us via email at sales@bret's.com or by calling us at 01707 321 823.
INFORMATION FROM ADVERTISING AND ANALYTICS PARTNERS
We collaborate with advertising and analytics companies that furnish us with specific details about your interactions with the Services, as well as with Third Party Services. This includes your age or birth date, demographic or interest-related data, Cookie Information, hashed email addresses, unique identifiers assigned to you by our Advertising Partners, as well as pages or content you've viewed, links you've clicked or other actions you've taken. Our aim is to enhance our understanding of your interests and preferences, so that we can serve you with Interest-Based Ads and gauge their effectiveness. This is based on our legitimate business interest in marketing to individuals who we believe may be interested in our services and products. We strive to target Interest-Based Ads to individuals who match certain general categories, and the information provided to us by our advertising and analytics partners may cause Interest-Based Ads or other types of advertisements or recommendations to appear on Third Party Services that you visit.
Our advertising and analytics partners may use their own Cookies, including web beacons, to collect the information described above and serve targeted advertisements to you on the Services and Third Party Services, as previously mentioned. If you prefer not to have these Cookies collect your information on the Services, you can choose to opt out. Additionally, your browser or device may offer a "Do Not Track" or "DNT" option that allows you to indicate to Third Party Service operators, including behavioral advertising services, that you do not wish to have your online activities tracked across different websites over time. However, we cannot guarantee how these Third Party Services will respond to your browser's signal.
You may also consider changing your settings to block third party Cookies generally, where possible. Again, if you'd like to know more about Cookies, including information about how to manage, disable and delete them, you can visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, https://ico.org.uk/for-the-public/online/cookies/, http://www.youronlinechoices.com/uk/ or http://www.allaboutcookies.org/.
INFORMATION FROM OTHER SERVICE PROVIDERS
We work with third-party entities to ensure the smooth operation of our business and provision of our services and products to you. These third parties perform various services described in this policy, such as shipping and logistics, email distribution, market research, promotions management, and payment processing. They may also provide us with information about you that they have independently acquired or developed, in accordance with their own privacy policies and practices, which may be necessary to fulfill our contractual obligations to you or to further our legitimate business interests.
As part of our efforts to protect against fraudulent transactions, we may request and receive your transaction history from our Payment Processor when processing your purchase orders and shave plans, or when enrolling you in discount, rebate, and other programs you have chosen to participate in. We may also use this information, in combination with the data you provide us, to verify your identity. This practice is based on our legitimate business interest in safeguarding against fraud.
WHO WE SHARE YOUR PERSONAL DATA WITH
We may disclose your Personal Data within our company group, which includes our subsidiary in the United States, Bret's USA, Inc. Additionally, we may share your Personal Data with third-party vendors, service providers, and agents, as described in this policy and on the legal bases outlined herein.
• We may share your Personal Data with shipping and logistics companies, as well as with our Payment Processor and other service providers that we depend on to provide you with the Services, or to process and fulfill your purchase orders and shave plans. This sharing is necessary to fulfill our contractual obligations to you under our Terms of Service or your purchase orders and shave plans.
If you publicly post any information or content on the Services, such as comments or reviews regarding our shave plans, products, or Services, or if you post such content elsewhere, including on your social media accounts, and that content relates to us or the Services, we may receive and share that public information with third parties. This is based on our legitimate business interest in marketing our products and services.
CHANGE OF OWNERSHIP OR CONTROL
LAWS AND SAFETY
We reserve the right to access, read, preserve, and disclose your Personal Data when we reasonably believe it is necessary to:
• satisfy any applicable law, regulation, legal process or governmental request;
• protect our rights, property or safety, and those of our users, customers and the public.
HOW WE PROTECT YOUR PERSONAL DATA
We take appropriate technical and organizational measures to protect your Personal Data, considering the nature of the data and processing activity involved. For instance, we use industry-standard encryption methods to secure all Payment Information regularly collected through the Services and ensure its security against loss or theft during transmission to our Payment Processor. However, we cannot guarantee or warrant that these measures will prevent unauthorized access to your Personal Data or other information we collect and store about you. Factors like unauthorized entry or use, hardware or software failure may compromise the security of your information at any time.
You can play an active role in preventing unauthorized access to your account with us and your Personal Data by choosing a strong and unique password and safeguarding it appropriately. Additionally, you should limit access to your device and browser by signing off after you have finished accessing your account. This will help ensure that your Personal Data remains secure and protected from potential security breaches.
INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA AND PRIVACY SHIELD
At times, we may transfer your Personal Data to our authorized third-party agents, vendors, and service providers located outside of the European Union, Iceland, Norway, or Lichtenstein. In such instances, we typically use contracts containing standard provisions approved by the European Commission to ensure that Personal Data receives the same level of protection it enjoys in Europe. If we use third-party agents, vendors, and service providers located in the United States, we may transfer data to them only if they are members of the Privacy Shield program, which mandates that they provide comparable protection to Personal Data shared between Europe and the United States.
The Services are operated and hosted in the United States ("U.S.") by us and our service providers. If you do not reside in the U.S., the laws in the U.S. may differ from those where you reside. By using the Services, you acknowledge that any Personal Data, regardless of whether it was provided by you or obtained from a third party, is being provided to us in the U.S. and will be hosted on U.S. servers. You authorize us to transfer, store, and process your information in the U.S. and potentially other countries. You consent to the transfer of your data to the U.S. in compliance with the EU-U.S. Privacy Shield Framework, which is explained in more detail below.
Bret's, Inc. and its U.S. subsidiary, Bret's USA, Inc., comply with the EU-U.S. Privacy Shield Framework established by the U.S. Department of Commerce for the collection and use of Personal Data transferred from the European Union. Our Privacy Shield certification and additional information about the Privacy Shield program can be found at www.privacyshield.gov. We follow the Privacy Shield Principles, which include notice, consent, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement, and liability with respect to all Personal Data received from the European Union. We remain potentially liable under the Privacy Shield Principles if any third party processing Personal Data on our behalf fails to comply with them (except to the extent we are not responsible for the event giving rise to any alleged damage). The U.S. Federal Trade Commission has the power to investigate and enforce our compliance with the Privacy Shield.
If you have any questions or concerns regarding our Privacy Shield certification, please contact us at sales@bret's.com. If you don't receive a timely response to your Privacy Shield-related complaint from us, or if we don't resolve your complaint, you may file a complaint with JAMS, an alternative dispute resolution provider with offices in London and the United States, by visiting https://www.jamsadr.com/file-an-eu-us-privacy-shield. This service is free of charge to you. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means.
WHAT YOUR RIGHTS ARE TO YOUR PERSONAL DATA, AND HOW YOU CAN EXERCISE THEM
You possess certain rights regarding your Personal Data, which are detailed below. To learn more about these rights or to make a request regarding them, you may send an email to sales@bret's.com. Please note that we may be unable to fully satisfy your request in certain situations, such as if it is trivial, incorrect, or incredibly impractical, if it threatens the rights of others, or if it is not mandated by law. Nonetheless, we will still respond to inform you of our decision in such cases. In certain circumstances, we may also require additional information from you, including Personal Data, in order to verify your identity and the type of request you are making.
RIGHT OF ACCESS
• If allowed by law, you may request additional details about the Personal Data we have regarding you and obtain a copy of your Personal Data. If you have an active account with us, you can also access your Personal Data by visiting your account settings on our website.
RIGHT OF RECTIFICATION
• If you think that any of your Personal Data held by us is incomplete or inaccurate, you can request that we correct or add to it. Alternatively, you may be able to make some corrections to your Personal Data directly through your account settings on our website.
RIGHT OF ERASURE
• If permitted by applicable law, you may request the deletion of some or all of your Personal Data from our systems. You can also delete your account with us at any time by contacting us via email at sales@bret's.com or by phone at 01707 321 823.
RIGHT TO WITHDRAW CONSENT
• If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent to this processing at any time, which you can do by emailing us at sales@bret's.com or calling us at 01707 321 823. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
RIGHT TO OBJECT TO PROCESSING AND TO RESTRICT PROCESSING
• You have the right to object to the use or disclosure of your Personal Data for certain purposes, such as marketing, and request that we restrict further processing of your Personal Data, where permissible.
RIGHT OF PORTABILITY
• If permitted by applicable law, you have the right to request a copy of your Personal Data in a machine-readable format and to request that we transmit the data to another controller, where technically feasible.
RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
• If you are not satisfied with our handling of your Personal Data, you have the right to file a complaint with the supervisory authority of your country or EU Member State. You can find more information about the supervisory authorities and their contact details at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
OUR PERSONAL DATA RETENTION POLICY
We keep your Personal Data as long as you maintain an active account with us, or as needed to provide you with our Services. In certain cases, we may retain Personal Data for a longer duration if it is essential to serve our legitimate business interests (provided that such interests do not take precedence over your own rights and freedoms), adhere to our legal obligations, settle disputes or collect outstanding fees, carry out audits, or if permitted or mandated by applicable laws, rules or regulations. Once your Personal Data is no longer necessary for the purposes we collected it for, we securely dispose of it, although we may keep some information in a depersonalized or aggregated form that does not identify you personally.
As mentioned earlier, you can ask us to erase some or all of your Personal Data from our systems, and you can also delete your account with us at any time by contacting us via email at sales@bret's.com or calling us at 01707 321 823.
ANY QUESTIONS OR CONCERNS?
If you have any questions or concerns regarding the collection, use, protection, or sharing of your Personal Data, including our legitimate business interests or those of others described above, please send a detailed message to sales@bret's.com. You may also contact Bret's Corporation Ltd at its registered office, located at Unit 1G, Tewin Court, Welwyn Garden City, Hertfordshire, United Kingdom, AL7 1AU. We will make every effort to address your concerns.
14 July 2022