This notice is to inform you about how we collect and protect any personal information you provide to us, how you can control what personal information we collect from you, and what we do with it. It sets out how we intend to use your information, who we will share it with, and what rights you have about use of your information.
This notice applies however you provide personal information to us — whether you go online to our website (yspot.co), contact us via social media, visit our events, email or chat with us, or enter into promotional contests with us.
What types of data do we collect?
We may collect the following information about you during the course of your experience on our website:
your name, age/date of birth, predicted gender, and other relevant demographic information;
your contact details, including billing and delivery addresses, telephone numbers (including mobile numbers), and email address;
purchases and orders made by you;
your online browsing activities on any of our websites, including which items you store in your shopping cart;
information about the device you use to browse our websites, including the IP address and device type;
your communication and marketing preferences;
your location, if your device’s settings allow it;
your correspondence and communications with us.
These lists are not exhaustive and in specific instances, we may need to collect additional data for the purposes set out in this Notice. Some personal data is collected directly, for example when you place an order on our website, or send an email to our Customer Support team. Other personal data is collected indirectly, for example when you browse our websites or undertake online shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources. We may anonymise and aggregate personal data for insight and research, but this will not identify anyone.
Age of consent
By using this site, you represent that you are at least 18 years of age. We do not knowingly collect the data of anyone under the age of consent on our website.
How do we use your data?
Y Spot (and trusted partners acting on our behalf) use your personal data:
to verify your identity;
for crime and fraud prevention, detection and related purposes;
to fulfill orders you’ve placed, and contact you about payments and fulfillment;
with your agreement, to contact you about promotional offers, events, products and services which we think may interest you;
to show you promotional communications through online media as you browse the web;
to enable us to manage customer service interactions with you; and
where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
To ensure you are kept up to date with the Y Spot, we use personal data for marketing purposes, and may send you emails to update you on the latest offers and events. We may also show you online media communications through external social media platforms such as Facebook and Instagram, and external digital advertisers.
You have the right to opt out of receiving promotional emails at any time, by:
informing us that you wish to change your marketing preferences by contacting our customer support team at email@example.com;
making use of the simple “unsubscribe” link in emails.
How do we make sure your data is secured?
To protect your personal information, we take reasonable precautions to try to ensure that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Data collected through our website is encrypted by WooCommerce using the HTTPS protocol for secure communication over a computer network.
WooCommerce also encrypts any sensitive stored information, and salts and hashes passwords using bcrypt.
If you provide us with your credit card information, the information is encrypted. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
What are your rights?
You have the following rights:
the right to be informed about our processing or your personal data, which is the aim of this Notice;
the right to access personal data we hold about you at any time;
the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you (the right to rectification);
the right to object to processing of your personal data and/or to withdraw any consent you have given us and to opt-out of any marketing communications that we may send you;
the right to prevent processing that is likely to cause damage or distress to you or anyone else;
the right to request that we erase your personal data in certain circumstances (the right to erasure) — for example, when the data are no longer necessary for the purpose for which we collected them;
the right to have your personal data provided to you by us in a structured, commonly used and machine-readable format and transmitted to another data controller (the right to data portability).
If you wish to exercise any of the above rights, you can always contact us either by email to firstname.lastname@example.org.