The current Privacy Policy is applied every time you visit and view saff.beauty (“the Website”), regardless of whether you are making an order or not. In this policy you will find information about the ways in which we collect and use the information, identifying the Website’s users.

 

I. PERSONAL DATA CONTROLLER

The controller of personal data on this website is SAFF BEAUTY EOOD (“the Company”), headquartered in Bulgaria, Botevgrad municipality, Trudovetz village, 19 Hristo Botev Str., postal code 2160, Company Identification Number (UIC): 203981304. The Controller defines the goals and methods for the processing of the information, as well as for the security procedures, which are applied, in order to guarantee the confidentiality, integrity and security of the data.

 

II. CONFIDENTIALITY PRINCIPLES

  • Data is only processed for the purposes and according to the methods, presented in the moment when it is collected.
  • Тhe data is used for additional purposes only with the explicit consent of the user (for example, for sending of promotional content.
  • Access is granted to third parties only for purposes, related to the performance of the required service (for example banks, courier companies). These organisations are separate personal data controllers than the Company itself.
  • The Company fulfils requests for erasing, changing or adding to provided data.
  • The Company ensures that data is managed lawfully and that suitable security measures are implemented to protect the data provided by users.

 

III. HOW AND WHY WE PROCESS PERSONAL DATA

Your personal data is processed mainly electronically through saff.beauty and by third parties, selected for their reliability and experience. They perform activities of key importance for the use of the website and its services – the sale of products.

Your personal data is processed by the Company, in order to make the following services, possible on the Website:

  • fulfillment of orders and activities, connected to this – name and surname, telephone number, email, postal address, IP address;
  • registration or subscription to the information bulletin – email;
  • publishing a product review – name, email address;
  • management of payments made– for this purpose we only transfer the collected information for the execution of the transaction, after the transfer the information is not stored by us;
  • management of customer requests: technical enquiries, trade related enquiries, questions about the status of orders made, as well as requests for additional information.

When processing your data, the Company tries to follow the strict necessity principle.
This is why the website is configured in such a way, that the use of personal data is limited to the minimum, necessary for correct operation.

 

IV. HOW LONG DO WE STORE THE DATA

The storage of personal data continues, while the Company has reasons for the keeping the information. The following data storage time periods for different data types are applied by the Company:

  • data, connected to made orders – 5-year period;
  • data for marketing purposes – for a period of 2 years or until consent for its use is expressly withdrawn;
  • data, connected to the measurement of user behavior on the Website – for a period of 1 year, depending to the technology used.

 

V. YOUR RIGHTS WITH REGARD TO THE PROCESSING OF YOUR PERSONAL DATA

You always have the right to receive the following information from the Company:

  • how your personal data is being used and for what purpose, as well as the source, from which the Company obtained it;
  • what the goals and methods of processing your personal data are;
  • what the logic, applied for the processing of the data by electronic means is;
  • which categories of companies your personal data may be provided to;
  • you may actualise, correct or add to your personal data;
  • you may cancel, transform the data to an anonymous record or block or delete your personal data.

You may exercise your rights freely and at any time by sending a written request to the Company at hello@saff.beauty.
In case there has been a change in your personal data and you would like the Company to make corrections to it, please notify us in written form at the same email address.

 

VI. CATEGORIES OF THIRD PARTIES, WHICH RECEIVE ACCESS TO YOUR PERSONAL DATA

  • transport/courier companies and postal operators with regard to the fulfilling of contractual obligations and sending of correspondence and communication, connected to the fulfilment of the contractual service and the sending of bought goods;
  • notaries, lawyers or other third parties, if the client has breached an obligation, stipulated in a contract with the data controller;
  • banks, servicing payments, made by and to clients;
  • persons, providing consulting services in different spheres – lawyers, accountants, marketing agencies, etc.;
  • bodies, institutions and persons whom we are obliged according to the law to provide personal data to.

 

VII. COOKIES

In order for us to make your visit to our website attractive and to enable the use of certain functions, our website uses so called “cookies”.

Session Cookies

We use session cookies in order to allow you to surf our website easily and freely, without losing the products you have added to your shopping cart. Session cookies also help to improve the loading time of the Website. They are erased, once you close your browser.

Persistent Cookies (a.k.a First-Party Cookies)

They do not lose their validity when the browser is closed. Their term of validity may vary, but is usually not longer than 6 months. We use them in order to save login data, so that it is not necessary to enter it every time. We also use them for personalisation and to save your preferences.

Cookies of External Service Providers

The origin of the cookies usually coincides with the name (domain) of the Website, on which they are placed. This does not apply to cookies of external service providers, which are created by the providers themselves. These cookies collect data about your habits and interests on the internet and could track your activity through different websites. Through them it is possible to determine which websites you visit, in what sequence and how much time you spend there. They are most frequently used to analyse the visits and interests of users toward a certain topic.

We use the services of the following partners:

Google Analytics
We use the service Google Analytics, property of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“),  through which we collect and process information about your physical location and other technical information about your visit to the Website. The information, collected by Google in relation to the use of the Website includes the Internet Protocol (IP) address, used to connect your computer or device to the Internet, the “clicks” to, through and from our Website (including their date and time), information about the interaction with the Website (like possible views, clicks and mouse movements). Google Analytics uses different technologies to determine the location, including the IP address, GPS and other sensors, which could, for example, supply Google with information about devices in close proximity, Wi-Fi hotspots and charging status. This information will be transferred to a Google server in the USA, where it will be stored and analysed. The results will be transferred to us in anonymous form. In this process, the data collected from you will not be associated with your full IP address. We have activated the IP Anonymization of Google Analytics, offered by Google on our website, so that the last 8 bits (IPv4) or the last 80 bits (IPv6) of your IP address will be erased. In addition, Google is a certified organisation under the EU-U.S. Privacy Shield, which guarantees an adequate level of data protection in the United States. For more information, see the General Conditions and Privacy Policy of Google LLC. Please, consult Google’s page periodically about all changes or updates to these conditions and to the information, gathered through Google Analytics.

Facebook Pixel
We use Facebook Pixel – a tool operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are in the EU, by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (Facebook), on our website for the purpose of analyzing, optimizing and economically operating the Website. With the help of Facebook Pixel, Facebook has the ability to identify visitors to our site as a target group for displaying ads on Facebook. Accordingly, we use Facebook Pixel to display ads that we post on Facebook to social network users who are interested in our website. That means that with the help of Facebook Pixel, we want to make sure that our Facebook ads are relevant to the potential interest of users and that they are not annoying. We may also use Facebook Pixel to track the effectiveness of the ads on Facebook for statistical and market research purposes, following if users have been redirected to our page after clicking on a Facebook ad (so-called ”conversion” or ”visitor’s interaction”). In this case, the processing is with a legal basis of Art. 6, para 1, sentence 1, letter a) of the GDPR. Facebook Pixel is triggered directly by Facebook when you visit our website and may store a cookie on your device. If, after that, you log in to Facebook or visit Facebook, your visit to our page will be recorded while logged in. The information collected for you is anonymous to us, so we are not provided with any user identity information. However, Facebook stores and processes the data so that it can be linked to the corresponding user profile. That means that user profiles can be created from the processed data. Facebook processes the data in accordance with Facebook’s Privacy Policy. You can find more information about how Facebook Pixel works and how in general ads are displayed on Facebook in Facebook Privacy Policy: https://www.facebook.com/policy. If you do not want to participate in the tracking process, you can reject the cookie settings required for this purpose by using your browser settings and disable the automatic cookie saving completely.

 

VIII. HOW WE PROTECT YOUR DATA

The Company applies organizational, physical, IT and other necessary measures, to guarantee the security and protection of your personal data and the monitoring of its processing. The Company limits the access of its employees to personal data, except in the cases, in which there are reasons for them to handle such data as part of their duties. The Company has put physical, electronic and procedural protection measures in place, which ensure that its legal responsibilities, regarding the protection of the data concerning you are met.

Despite all security measures, which the Company applies, it cannot guarantee that all risk of access to the data from your device without your consent will be eliminated. The Company reminds you that you must ensure that your devices are equipped with the latest software for protection against data transfer in data networks (such as, antivirus systems) and the internet provider you use has taken all necessary measures, regarding network data transfer security (such as firewalls and spam filters).

 

IX. LINKS TO EXTERNAL WEBSITES

The website contains links to other external pages, which are in no way related to the Company. The latter does not control these websites or their content and assumes no responsibility for it nor does it assume responsibility for the confidentiality rules, adopted by them. Our General Conditions and Privacy Policy do not apply to third party websites.

 

X. PRIVACY POLICY CHANGES

It is possible that we may update our Privacy Policy periodically. When changes to the current policy are made, we will publish a message on our website, as well as an updated version of the Policy. All changes and additions to the Privacy Policy will be applied only after publishing its latest content, available through our Website.

 

Latest update: 11.02.2022