This policy was last updated: 29 March 2021
PLEASE READ THE FOLLOWING CAREFULLY
THIS STATEMENT PROVIDES GENERAL INFORMATION ABOUT THE PRIVACY STATEMENT OF THIS WEBSITE. IF YOU ARE UNDER 18 YEARS OF AGE, PLEASE BE SURE TO READ THIS PRIVACY STATEMENT WITH YOUR PARENTS OR GUARDIAN AND ASK THEM QUESTIONS ABOUT WHAT YOU DO NOT UNDERSTAND.
YOUR USE OF THIS SERVICE CONSTITUTES ACCEPTANCE BY YOU OF THIS PRIVACY STATEMENT.
CANDY GIRL ENTERPRISES LTD trading under the name and style of STYLZ MAG (collectively, “STYLZ MAG”, “we”, “our” and “us”.) has created this privacy statement (“Statement”) in order to demonstrate its firm commitment to the privacy of the details that you provide to us when using www.stylzmag.com ( collectively “the website”) , as the data controller for the purposes of the GDPR (General Data Protection Regulations EU 2016/679) and the UK data Protection Act of 2018.
At STYLZ MAG, we are committed to maintaining the trust and confidence of all visitors to our website. In particular, we want you to know that the website is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes.
We won’t sell or give away your name, mail address, phone number, email address or any other information to anyone
We take your privacy seriously and take measures to provide all visitors and users of the website with a safe and secure environment.
The Personal Information on the www.stylzmag.com, is collected, controlled and processed by:
CANDY GIRL ENTERPRISES LTD (“The Data Controller”)
Candy Girl Enterprises Ltd, First Floor,
85 Great Portland Street, London W1W 7LT
| United Kingdom.
EMAIL: [email protected]
This Policy explains our processing of your personal data and your rights according to UK DATA PROTECTION ACT 2018 and the EU GDPR. STYLZ MAG reserves the right to modify this Statement at any time without notice by posting the changes on this webpage.
“Personal Data” means any information which relates to a living, identifiable person. It can include names, addresses, telephone numbers, email addresses etc but it is wider than that and includes any other information relating to that person or a combination of information which, if put together, means that the person can be identified.
“Special Category data” means personal date about a person’s race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life or sexual orientation.
“Processing” covers all activities relating to the use of personal date by an organization, from its collection through to its storage and disposal and everything in between.
“Data subject” means the person whose personal data is being processed.
“Consent” any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
“Controller” the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“Data handling” any set of operations or operations performed in an automated or not automated manner on personal data or files, thus collection, capture, systematization, distribution, storage, transformation or alteration, query, introspection, use, communication, forwarding, distribution or by any other means of making data available, coordination or interconnection, restriction, deletion or destruction;
“Data controller” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“Addressee” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not;
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
“Profiling” any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements and;
“Privacy data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
RULES OF DATA HANDLING
The Data Controller recognizes the contents of this Data Management Guide as binding on itself, and states, that all data management related to his/her own activity is consistent and complies with the legal provisions as stated in the normative GDPR laws and with the applicable domestic sectoral laws, so especially as provided in the UK Data Protection Act, 2018.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).
Everyone responsible for using personal data has to follow strict rules called ‘data protection principles. They must make sure the information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
There is stronger legal protection for more sensitive information, such as:
- ethnic background
- political opinions
- religious beliefs
- trade union membership
- biometrics (where used for identification)
- sex life or orientation
There are separate safeguards for personal data relating to criminal convictions and offences.
The Data Controller defines his / her data management in such a way that it is with the principles set out in the GDPR/DPA – legality, fairness and transparency, purpose limitation, data saving and accuracy, limited storage, integrity and confidentiality, as well as accountability – complies fully.
Accordingly, the Data Controller handles the collected, stored (managed) personal data solely for the clear and legitimate purposes defined and described below in subsequent paragraphs and only for the time stated. Thus, the subjects can read in detail about
each of the data management activities in the mentioned points.
The legal basis for data management of the Data Controller is typically the consent of the data subject, the fullfillment of the contract concluded with the data subject, its preparation and the fulfillment of the legal obligation.
The legal basis for data management will be the fullfillment of the contract if the data subject orders the service from the Company, for example through the Website, i.e. a contractual relationship between the concerned (user) and the Company.
We’re talking about statutory data management when a law obliges Data Controller to include some data as well as the duration of data storage.
Data Controller ensures data security and proper management. The Data Controller ensures that the data is stored in a form that allows identification of data subjects only for the time necessary to achieve the purposes for which personal data are processed. He/she also takes the technical and organizational steps to ensure that the data processed is adequately protected. Within this framework, he/she will take reasonable measures to prevent unauthorized access, alteration of use, transmission, disclosure, deletion or destruction, as well as unavailability of accidental destruction and damage resulting from changes in the technique used.
Therefore the Data Controller’s staff shall ensure that unauthorized persons do not access personal data and that the storage and placement of personal data is designed in such a way that it is not accessible, accessible, alterable, destroyed, or destroyed by an unauthorized person.
The Company undertakes that the personal data of the data subjects will only be forwarded to the addressee (third party or data processor) who also handles the personal data provided or transmitted to them in accordance with these principles. The Company does not sell the data of the affected persons.
The users of the Website are also responsible for the security of their data. For protecting Your username and password, please be careful about the security of these data and not give it to third parties.
WHAT PERSONAL DATA DO WE COLLECT?
Personal information is any information relating to an identified or identifiable individual. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal information about you when we engage with you. This will include:
Identity Data – title, first name, last name, job title, company name or similar identifier. If you interact with us through social media, this may include your social media user name;
Contact Data – billing address, delivery address, email address and telephone numbers;
Transaction Data – details about services you have purchased from us.
How do we collect personal data?
We use different methods to collect data from and about you, through:
Emails / Contact Us
When you contact us through the website we will collect your name, email address as well as your message, so that we can respond to your communications and provide details of our services and deal with general company enquiries.
Subscriptions to our Listing Plans
We will retain the information you provide to us if you subscribe to our services. This includes details of your name and email. Data is processed on the lawful basis of a contractual agreement.
Other direct interactions
You may give us your data by filling in forms or by corresponding with us via email or through social media. This includes personal data you provide when you: sign up to use our services; make enquiries or request information be sent to you; place a listing; ask for information to be sent to you; engage with us on social media; enter a promotion or survey; contact us direct; leave comments on our blog; or reviews on our services.
We will only use your photos with your explicit consent. If you upload photos to the platform or give us permission to access photos or your camera, we will only use images that you specifically choose to share with us. You may use the platform to select the photo or photos you choose to share, but we will never import the photos you review except those you explicitly share. At any time, you can manage your Photos from your dashboard.
We use social media to engage with users and link to our Facebook, youtube linked in etc Instagram and Twitter pages. We do not keep any specific data that identifies you as an individual user but hold details of our followers on these platforms. You should refer to the Privacy Policies of these channels to understand how they treat your data in relation to linking to our site.
Visits to our website
When you visit our website we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specifically provide this to us.
Special categories of data
We do not generally collect any special categories of personal data about you; this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data We do not collect any information about criminal convictions and offences.
We do not market this website at those under 18 years old. Consistent with the GDPR we will never knowingly request personally identifiable information from anyone under the age of 16 years old.
INFORMATION WE GET FROM OTHER SOURCES
From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services and as permitted by law.
We may receive personal data relating to: your identity and contact data from data partners; and data from any third parties who are permitted by law or have your permission to share your personal data with us, such as via social media or review sites.
HOW DO WE USE YOUR DATA?
UK data protection law requires us to have a “legal basis” for processing personal data. The legal basis we rely on are:
- Performance of a contract we are about to enter into or have entered into with you;
- Compliance with a legal or regulatory obligation;
- Carrying out activities that are legitimate to our business interests;
- Consent. However, generally, we shall not rely on consent as a legal basis for processing your personal data other than where the law requires it. Where our legal basis is consent, you have the right to withdraw consent any time.
We may use the information we collect from you as outlined in this table:
|What we use your information for||The legal basis for doing so|
|To provide, manage and personalise our services to you||Where necessary to carry out our agreement or to take steps to enter into an agreement with you Where the law requires this It is in our legitimate interests to make sure that our customer accounts are well-managed, so that our customers are provided with a high standard of service, and to protect our business interests and the interests of our customers.|
|To administer and improve the website||It is in our legitimate interests to develop and improve our products and services, so that we can continue to provide products and services that our customers want to use, and to make sure we continue to be competitive.|
|To personalise the content and user experience of the website||It is in our legitimate interests to develop and improve our systems and provide our customers with a high standard of service|
|To allow us to respond to communications||Where necessary to carry out our agreement or to take steps to enter into an agreement with you|
|To send email notifications which have been specifically requested||It is in our legitimate interests to give you information about our products and services that you may be interested in|
|To send marketing communications, where expressly agreed;||In the case of electronic marketing we have your permission to do so|
|To provide third parties with statistical information about our users||It is in our legitimate interests to better understand how our customers use our products and what changes we could make to improve them|
|To deal with enquiries and complaints made by or about you relating to the website||It is in our legitimate interests to make sure that our customer accounts are well-managed, so that our customers are provided with a high standard of service|
|To recover debt and exercise other rights we have under any agreement with you, as well as to protect ourselves against harm to our rights and interests in property||Where necessary to carry out our agreement or to take steps to enter into an agreement with you Where the law requires this It is in our legitimate interests to make sure that our business is run prudently, and we can recover the debts owed to us, as well as making sure our assets are protected.|
Users contacting this website and/or its owners do so at their own discretion and provide any such personal data requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Our legitimate interests
When we use our legitimate interests as the legal basis for processing your personal information, we will consider and balance any potential impact on you and your rights before we process your personal data. We will only then proceed where we believe our interests are not overridden by the impact on you. Our legitimate interests include the management of our business operations.
We may use Data Processors who act on our instruction in relation to the management of your data and they must adhere to all data protection laws and regulations. We will ensure that any Data Processors used only operate on our written instructions and comply with their obligations under the GDPR. You will be informed of any other Data Controllers who have access to your data and who may determine processing activities separately to us, or as a Joint Data Controller.
We may carry out direct marketing by email. You have the option not to give consent and to withdraw consent at any time from marketing communications. You may withdraw your consent for us to contact you by email to [email protected] We may continue to contact you if there is another lawful basis to do so.
Non-personally identifiable information may be provided to other third parties for marketing, advertising or other uses.
COOKIES AND SIMILAR TECHNOLOGIES
Cookies are small files that we or others send to and store on or with your computer so that your computer, browser, mobile app or other application can be recognized as unique the next time you access, visit, use or otherwise take advantage of the Services or other media. Cookies may also reflect demographic data pertaining to you or other data linked to information you submit. One use or consequence of cookies is to enable you to receive customized ads, alerts, content, services or information. You are always free to decline any cookies we use by adjusting the settings of your browser, as your browser may permit; however, some products, services or features might not be available or operate properly if cookies are not enabled. Some of our advertisers and third-party service providers may also utilize their own cookies.
In addition, we, our service providers and others sometimes use data-gathering mechanisms on the Services, including without limitation “web beacons”, “clear GIFs”, “pixels” and/or “tags”. These perform statistical and administrative functions, such as measuring site and page traffic, verifying advertising paths, better understanding user interests and activity, gathering related information (such as information relating to a particular browser, device or IP address) and positioning images, and typically do so without detracting from your online experience. Such mechanisms are not necessarily designed to collect Personal Information. In addition, if you have provided your email address, we might use a non-human unreadable form (or “hash”) of your email address to deliver, or facilitate delivery of, relevant advertisements and information to you on or by way of the Services or on or by way of other websites or media, including, for example, popular social media sites and features.
Rights of Data Subjects
STYLZ MAG recognises a data subjects rights and will uphold these in accordance with data protection laws. You are entitled to see the information held about you and you may ask us about any of the following:
Subject access requests
Data subjects (i.e. individuals) have the right to access personal data that is held by submitting a subject access request (SAR) to STYLZ MAG. We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. A subject access request can be made by emailing [email protected].
Right to rectification
Data subjects have the right to request that we amend or change personal data that is inaccurate or incorrect.
Right to erasure
Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any such request without delay.
Right to restrict processing
Data subjects have the right to rectification or erasure of personal data in the following circumstances:
- Personal data is not accurate;
- The processing of data is unlawful – data subjects may request that processing is restricted;
- Data is required to exercise legal rights or defend legal claims;
- Data is unlawful but there may be lawful grounds for processing, which override this right.
Right to data portability
Data subjects have the right to obtain and request the transfer of their data to different service providers.
Right to object
Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data under lawful grounds.
Right not to be subject to decisions based on automated processing
We do not use any automated processing that results in any automated decision based on a data subject’s personal information.
Using your rights
If you wish to invoke any of these rights, you should contact the person responsible for data protection by email to [email protected]
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication. We will report any relevant breaches to the ICO, see below.
If you want to raise a concern about the use of your data, you can contact us by email to [email protected] Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/
Questions and queries
If you have any concerns about how we handle your data, please get in touch by email to [email protected]
Copyright © 2021 StylzMag.Com c/o Candy Girl Enterprises Ltd