Privacy & Cookies Policy

v1.0 - last revised 30 September 2023

Privacy Policy

This document sets out the Privacy Policy of IAS Beauty Suppliers Ltd trading as hey gorgeous shop and explains how we collect and use your personal information in connection with your relationship with us as a customer or potential customer including;

  • through your use of heygorgeous.com.cy and any country top level domain name iteration of www.heygorgeous.com.cy (the "Site"), or hey gorgeous application that we make available from time to time ("Application")
  • by visiting a hey gorgeous store
  • by interacting with our content and/or services or
  • by contacting our Customer Care Team.

This policy also applies to information held about suppliers and possible future suppliers, contacts and all other people we hold information about.

Please read the following carefully to understand our views and practices regarding your information and how we will treat it.

Please also refer to our Terms and Conditions.

You must be over 16 to register for a personal account, subscribe to hey gorgeous emails and/or place an order with hey gorgeous. The Site is not intended for children, and we do not knowingly collect data relating to children.

 

Who are we?
This Privacy Policy is issued on behalf of IAS Beauty Suppliers Ltd, trading as hey gorgeous, so when we mention "IAS", "hey gorgeous", "we", "us" or "our" in this Privacy Policy, we are referring to the relevant company responsible for processing your data.

IAS Beauty Suppliers Ltd trading as hey gorgeous shop is the controller and responsible for this Site and any Application.

Our Data Protection Officer can be contacted by emailing dpo@heygorgeous.com.cy.

We are a company registered in Cyprus under registration number HE356395 and our registered address is 3 Michael Karaoli, Nicosia 1040, Cyprus.


Information we collect
By ‘information,’ we mean personal information about you that we collect, use, share, store and transfer in physical and electronic form. This information can be grouped together in the following categories:

  • Identity and Contact Information includes first name, last name, title, birthday, email address, telephone number, delivery address, billing address or any other information you provide within your personal preferences through your profile builder or to staff within our stores
  • Financial Information includes bank account and payment card details
  • Transaction Information includes details about payments to and from you and other details of products and services you have purchased from us
  • Technical Information includes internet protocol (IP) address, device type, your login data, browser type and version, time zone setting and country, your location if you choose to share it, language, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Site or any Application Profile Information includes first name, last name, title, birthday, email address, telephone number, delivery address, billing address, password, purchase and order history, your favourite products, wish list, brand preferences, contact with the Customer Care Team, and any other information you provide within your personal preferences through your profile builder
  • Usage Information includes information about how you use the Site or any Application (such as the pages you visit and the products you look at)
  • Marketing and Communications Information includes your preferences in receiving marketing from us and our third parties and your communication preferences
  • Contact History includes keeping a record of what you have said to us, for example, over the phone, by live chat, through a web form, by email, on social media or otherwise
  • Social Information includes information collected if you choose to link your social media accounts with us.

 

How we collect information about you
You may give us your information by filling in forms on the Site or any Application or in-store or by corresponding with us by post, phone, email, on social media or otherwise. This includes information you provide when you:

  • register for an account with us (whether online, on any Application or in-store);
  • browse our website or any Application;
  • place an order;
  • receive a consultation or treatment;
  • sign up to our newsletters;
  • register for any loyalty scheme that we offer from time to time;
  • request marketing to be sent to you;
  • contact our Customer Care Team;
  • enter a competition, promotion or survey; or
  • give us some feedback.

As you interact with the Site or any Application we may automatically collect Technical Information about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies. We may also receive Technical Information about you if you visit other websites employing our cookies. Please see our Cookie Policy for further information.

We may also receive information about you from various third parties such as: analytics providers, advertising networks, search information providers and payment service providers.

How we use your information

We use your information in the following ways:


Identity & Contact Information
  • to deliver your purchases to you
  • to provide beauty treatments and/or beauty advice
  • to send you service messages by email, SMS or otherwise, such as order updates
  • to create and manage your Hey Gorgeous account
  • to provide customer care and support, and handle returns
  • for security and to check your identity
  • to provide you with marketing (where we have the right to do so – see marketing section below)
  • to show you Hey Gorgeous adverts as your browse the web
  • to direct you to the right part of the Site or any Application
  • to communicate with you
  • to enroll you in your Corporate Partnership Scheme

    Financial Information

    • to take payment, and give refunds
    • for fraud prevention and detection

    Transaction Information

    • to provide products you order to you
    • to provide customer care and support, and handle returns
    • to find out what you, and other customers, like

    Technical & Usage Information

    • to identify you when you visit our Site and any Application
    • • to improve our Site and any Application and set default options for you (such as language and currency)
    • • to keep our Site and any Application safe and secure
    • • to find out what you, and other customers, like
    • • to show you Hey Gorgeous adverts as you browse the web

    Profile Information

    • to find out what you like based on what you have bought, searched for or returned
    • to make suggestions and recommendations to you about goods or services that may be of interest to you
    • to manage your participation in any loyalty scheme
    • to complete brand specific consultations
    • to provide beauty treatments and/or beauty advice

    Marketing and Communications Information

    • to send you information by email, SMS, post, or otherwise, about our products and services

    Contact History

    • to provide customer care and support
    • to train our staff

    Social Information

    • to enable you to log-in to our Site or any Application simply and easily without having to create a separate account
    • to enable you to share products and services if you choose to

     

    Legal basis for processing

    Our processing of your personal information is necessary:

    • for the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts;
    • for the purposes of legitimate interests pursued by us; or
    • in order to comply with a legal obligation to which we are subject.

    In relation to any processing of special categories of personal information such as information about your health, we will generally rely on obtaining specific consent from you at the time unless there is otherwise a legal requirement for us to process such information.


    Legitimate interests

    Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; and (v) for our own marketing, research and product development.

    Will we share your information with third parties?

    Except as expressly set out in this policy we will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

    However, we share your information with the following categories of companies as an essential part of being able to provide our products and services to you, as set out in this Privacy Policy:

    • Companies in our Group as necessary to operate the Site and the Application and fulfil your orders
    • Companies that help us fulfil your orders such as payment service providers, warehouses, order packers, and delivery companies
    • Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business
    • Credit reference agencies, law enforcement and fraud prevention agencies, so that we can help tackle fraud
    • Companies approved by you, such as social media sites (if you choose to link your accounts to us)
    • Concession Brands (meaning a third party seller who sells products to you via the Site) for orders fulfilled by our Concession Brands. Please see our Terms and Conditions for more information relating to orders fulfilled by our Concession Brands
    • Your product and treatment preferences with specific brands
    • Competition winners on social media

    We may also share your personal information with:

    • law enforcement agencies, other governmental agencies or third parties if we are required by law to do so; and
    • other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.

    We may provide third parties with aggregated but anonymised information and analytics about our customers and, before we do so, we will make sure that it does not identify you.


    Will we transfer your information overseas?

    The information that we collect from you may be transferred to, and stored at, a destination outside the UK or the European Economic Area ("EEA"). It may also be processed by staff operating outside the UK or the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

    When we, or our permitted third parties, transfer your information outside the UK or the EEA, we or they will do so in one of the following ways:

    • the country to which we send your Personal Data is approved by the UK Government or European Commission, as appropriate, as offering an adequate level of protection for Personal Data;
    • the recipient signed up to a contract imposing obligations on the recipients of that data to protect your information to the standard required in the UK or the EEA, as appropriate, obliging it to protect your Personal Data;
    • the recipient is required to subscribe to international frameworks approved by the UK Government or European Commission to enable secure data sharing.

    In the case of transfers by us, we will put in place appropriate safeguards to ensure that your information remains adequately protected. If you would like more details about the safeguards that we rely on, please contact the Customer Care Team at care@heygorgeous.com.cy.


    Your Rights

    At any time, you have the right:

    • to request access to or a copy of any information which we hold about you;
    • to rectification of your information, if you consider that it is inaccurate;
    • to ask us to delete your information, if you consider that we do not have the right to hold it;
    • to withdraw consent to our processing of your information (to the extent such processing is based on previously obtained consent);
    • to ask us to stop or start sending you marketing messages as described below in the marketing section;
    • to restrict processing of your information;
    • to data portability (moving some of your information elsewhere) in certain circumstances;
    • to object to your information being processed in certain circumstances; and
    • to not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your information.

    Any request for access to or a copy of your information must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation. We will comply with our legal obligations as regards your rights as a data subject.

    We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change. You can access, update or correct your personal account details via the "My Account" section of the Site.


    Data Subject Access Requests

    We would gladly assist in any data subject access requests.

    Data subject access requests should be made in writing and we advise emailing DSAR@heygorgeous.com.cy to ensure action is promptly taken.

    Please include the following:

    • Full Name
    • Email Address
    • Billing Address
    • Details of the specific information you require and any relevant dates

    We may ask for further information to identify you and ensure the personal data relates to the individual making the request.
    We will respond within one month of receiving the information we require to carry out your request. Responses can only be provided in English.


    Data Security

    We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

    All information you provide to us is stored on secure servers. Any payment transactions will be encrypted. We use 256-bit SSL Software to encrypt your payment card information when you place an order on our secure server. For your added security all payment transactions are processed automatically by Stripe, and we are not party to your personal credit card or bank details. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.


    Marketing

    We may use your information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

    You will receive marketing messages from us if you have requested information from us or purchased goods or services from us and, in each case, you have not opted out of receiving that marketing.

    We may also market to you if we have received your express consent to do so including where we have collected your details in connection with a competition or other promotion and you have agreed to receive marketing from us.

    You can stop receiving marketing messages from us at any time.

    You can do this:

    • By clicking on the ‘unsubscribe’ link within an email to unsubscribe from that specific email type
    • By contacting our Customer Care Team at care@heygorgeous.com.cy

    Once you do this, we will update your profile to ensure that you don’t receive further marketing messages.

    Stopping marketing messages will not stop service communications (such as order updates).


    Third-party marketing

    We will get your express opt-in consent before we share your personal data with any company outside our group for marketing purposes.


    Online adverts

    We also engage in online advertising, also to keep you aware of what we’re up to and to help you see and find our products.

    Like many companies, we target Hey Gorgeous banners and ads to you when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some websites and social networks, such as Facebook’s Custom Audience service.

    The banners and ads you see will be based on information we hold about you, or your previous use of the Site or any Application (for example, your Site search history, Application usage and the content you read on the Site or Application) or on Site or Application banners or ads you have previously clicked on.


    How long will we keep your information?

    We will keep your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or (in the case of any contact you may have with our Customer Care Team) for as long as is necessary to provide support-related reporting and trend analysis only.

    If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.

    Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receiving them) for as long as you do not unsubscribe from receiving the same from us.


    Links to other websites

    This Privacy Policy only applies to Hey Gorgeous. Where there are links to other websites these have their own Terms and Conditions and Privacy Policies that can be viewed on their respective websites.


    How to contact us

    Questions, comments and requests regarding this policy are welcomed and should be addressed to care@heygorgeous.com.cy.

    If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in your country. If you are a Cyprus resident, this is the Office of the Commissioner for Personal Data Protection, which regulates and supervises the use of personal data in Cyprus, at https://www.dataprotection.gov.cy.

     

    Changes to this Policy

    Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you on the Site, within any Application or by email. Please check back frequently to see any updates or changes to our policy. This Privacy Policy was last updated on 30 September 2023.

    Cookie Policy

    Our website uses cookies, and similar technologies such as pixels and beacons, to collect information. This includes information about browsing and purchasing behaviour by people who access our websites. It also includes information about pages viewed, products purchased, the customer journey around our website and whether marketing communications are opened. Detailed information is set out in this policy below.


    What are Cookies?

    Like most websites, the heygorgeous.com.cy website and associated app use cookies to collect information. A cookie is usually a small piece of data sent from a website or app and stored in a user's web browser or app while a user is browsing. When the user browses the same website or app in the future, the data stored in the cookie can be retrieved by the website or app to notify the website or app of the user's previous activity, thereby distinguishing the user from others using the site or app.

    Further information on cookies and how to manage them for your web browser can be found at: http://www.allaboutcookies.org/


    e-Privacy Directive

    The 2011 EU e-Privacy Directive requires website operators that provide services to users to receive informed consent from their visitors of the use of cookies upon reaching the website or app. This has been implemented on heygorgeous.com.cy by way of a pop-up message that appears across the bottom of the browser window to anyone located in an EU member state.

    Further information on the UK cookie law can be found on the Information Commissioner's Office website: https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex:32009L0136


    Hey Gorgeous Cookies

    Hey Gorgeous uses cookies to store information about your visit that we can access when you return to our site in future. These cookies help us to improve our site and deliver a better and more personalised service. They enable us to:

    • estimate our audience size and usage pattern
    • store information about your preferences and so allow us to customise our site according to your individual interests
    • speed up your searches
    • recognise you when you return to our site

    We may collect information about your computer, including where available your IP address, operating system and browser type, for system information and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and does not identify any individual. Further information can be found in our privacy policy.

    The cookies that we use can be categorised as follows:

    Strictly Necessary Cookies

    These cookies are always active and are necessary for the website and app to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling your basket. You can set your browser or app to block or alert you about these cookies, but some parts of the site will not then work.

    Performance Cookies

    Hey Gorgeous uses services from Google Analytics to record page views, navigation paths and other details of your visit so that we may improve the way our website operates. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.

    You can opt-out of being tracked by Google Analytics by installing the browser plugin available from: https://tools.google.com/dlpage/gaoptout.

    Functional Cookies

    These are cookies that record minor details of your interaction with the heygorgeous.com.cy website or app such as your country, language and currency settings and whether you have reached our website from one of our affiliates. While not strictly necessary for the proper function of the website or app, these cookies assist in tailoring the user experience to your requirements. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

    Targeting / Advertising Cookies

    Hey Gorgeous employs several third-party advertising services such as Channel Advisor, Doubleclick and Criteo in order to target relevant adverts to you across their networks.

    We have also integrated Social Media tools for services such as Facebook, Instagram, Twitter, YouTube, Google+, TikTok and Pinterest into the website and app to allow our users to share products and pages of the website or app with their friends. Each of these third-party services utilises cookies to record whether you are logged into their service and the interactions that you undertake while browsing heygorgeous.com.cy.

    You can opt-out of being tracked by Doubleclick using the following tools: http://www.google.com/settings/ads/onweb/ and http://www.google.com/settings/ads/plugin/.

    Further resources for controlling third-party advertising services are available from: http://www.youronlinechoices.com/uk/ and http://www.networkadvertising.org/choices/.

    You may refuse to accept cookies by activating the relevant setting in your browser or in the settings of the app. However, please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of heygorgeous.com.cy.