Drainastim
Drainastim

 

Personal data protection policy

Introduction

Perfoline, a company registered with the Paris Registry of Commerce and Companies under number Paris B 517 909 495 processes personal data within the scope of its online sales activity on the website www.drainastim.co.uk, under the trade name PERFOLINE.

The present Policy aims to set out the technical and organisational measures implemented by the PERFOLINE to ensure a high and long-lasting level of protection of the data processed; to document its compliance with the French law on Informatics, Data files and Liberties as well as general regulations on data protection; and to inform natural persons concerned of the way in which the PERFOLINE processes personal data and the means available to it to monitor this processing.

Article 1. Definitions

Goods: refers to all goods sold online by the PERFOLINE in accordance with the conditions set out in the Contract.

Customer: any natural or legal person who has purchased products on the website.

Contract: refers to the general terms and conditions of sale accepted by the Customer.

Personal data: as defined by Regulation (EU) 2016/679 of 27 April 2016 (see article 4 in particular) 'any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.'

Collected data: surnames, names, postal addresses, email addresses, telephone numbers, date of birth, payment details (bank card and other means of payment via third parties such as PayPal or CIC), PERFOLINE contact history (recorded calls, instant messages on our website and content generated by the Customer), technical data pertaining to interconnection (history of pages visited on the Website, links you have clicked on Website pages, the type of device used for browsing (MAC address, IP address, Bluetooth data, advertising ID and any other type of personal data that may prove relevant in relation to the purposes established).

Sensitive data: as defined by Regulation (EU) 2016/679 (see recital 51 in particular) all information which is by definition particularly sensitive in terms of of fundamental rights and freedoms warrants special protection, as the circumstances in which it is processed may pose significant risks to rights and freedoms. This personal data includes personal data which reveals racial or ethnic origin. This type of personal data should not be processed unless it is authorised in specific cases laid down in the Regulation.

Purposes of the collection of personal data: personal data is generally collected for the purposes of the PERFOLINE's and Customer Sales' activity. Furthermore, the PERFOLINE processes personal data for the following purposes: to enable data subjects to request information about the PERFOLINE and its activity; to enable interactive and personalised use of the website; to determine needs in order to provide more appropriate services; to allow Customers to take advantage of Third Party services; to facilitate the management of the PERFOLINE's marketing activities; to process applications; and for any other purposes related to the PERFOLINE's activity.

Data subject: an identified or identifiable natural person to which the personal data being processed is related to.

Policy: refers to the present document which applies to all Customers and PERFOLINE website users and concerns the Website access rules and the business relationship with the PERFOLINE.

Controller: as defined by Regulation (EU) 2016/679, « the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing. »

Website: the website www.drainastim.co.uk

Processor: as defined by Regulation (EU) 2016/679, « a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. »

Third party: as defined by Regulation (EU) 2016/679, « a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons, who, under the direct authority of the controller or processor, are authorised to process personal data. »

Processing: as defined by Regulation (EU) 2016/679, « any operation or set of operations which performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. »

Transfer of personal data: the transfer of the PERFOLINE data to another entity or third party located within or outside the European Economic Area.

Article 2. Data collected

The PERFOLINE collects personal data for its Customers:

  • • Identification information: surnames, names, postal addresses, email addresses, telephone numbers, date of birth;
  • • Payment details: bank card details or information about other means of payment via third parties such as PayPal/CIC;
  • • Information on the relationship between the PERFOLINE and the Customer: recorded calls, instant messages on our website and Customer-generated content.

We also automatically collect personal data when you interact with the Website via your computer, your mobile device or any other device. This personal data includes the following elements:

  • • Analytical data: history of Website pages which may include data collected via cookies and other types of device identifiers, page views and ads on the Website, information about click-throughs and information about other websites that you have accessed via our Website. It may also include location data. As far as the collection of geolocation data is concerned, we only collect information that you have consented to provide.
  • • Technical device data: MAC address, IP address, Bluetooth data and advertising ID.

We also receive personal data and other online and offline information from the third parties with whom we conduct our activity, such as traders, suppliers, resellers and other companies and organisations with whom we conclude agreements regarding our activity and transactions, including advertising partners (collectively referred to as 'Business partners').

The personal data that we receive from our Business partners includes demographic, location and purchasing information. We only receive this personal information when the Business partner certifies that it is legally authorised to impart it to us. We use this information to better understand your deal preferences and the way that our traders behave, in order to offer you a better experience on the PERFOLINE website.

Data collection is carried out during different stages of your relationship, when the Customer:

  • - purchases Goods;
  • - opens or responds to emails or messages from the PERFOLINE;
  • - visits a website page that displays our ads or content;
  • - logs into or creates a link to the Website using social networking tools.

Information on segment marketing. For example, if you purchase products or services linked to health or beauty, we can assume that you are interested in these kinds of products.

Information on the audience. We create audiences based on variables such as gender, age and location (for example, men aged 25 to 35 in your city), and, if your personal data matches these audiences, you will be selected. The aim is to allow you to receive relevant advertisements.

Information on activity. Based on your responses to messages, we generate personal data on the number of messages that you wish to receive to ensure we do not send you more than are useful to you.

Article 3. Scope

The present data protection policy is applicable from 1 November 2018.

The policy applies in the event that the PERFOLINE is the controller and processes personal data on its behalf.

The geographical scope encompasses all the European Union member states in which the Goods are delivered by the PERFOLINE.

Article 4. Essential principles of data protection

1. Purpose limitation

Before processing any personal data, the PERFOLINE must ensure that said processing has an explicit, specified and legitimate purpose for which personal data is processed.

2. Legal basis, lawfulness, fairness, transparency

When processing personal data, the PERFOLINE must ensure that the processing has a legal basis.

If the processing is due to the application of a contract, it is considered to be lawful.

If the treatment is not due to the application of a contract, the PERFOLINE must demonstrate that the processing responds to a legitimate interest. The purpose of the processing must have a legitimate interest for the PERFOLINE in regard to its primary activity and should not breach data subjects' privacy.

When the processing does not meet the conditions stated above, the PERFOLINE can request the prior consent of data subjects when all the following conditions are met:

  • • Consent must be given by means of a clear, positive action (opt-in);
  • • Consent must be freely given;
  • • Consent must convey the specific, informed and unequivocal indication of the data subject's agreement.

3. Data minimisation

The processing of personal data must be strictly necessary for the purpose initially established for this processing.

4. Further compatible processing

The PERFOLINE can carry out further processing of collected data provided that this processing is compatible with the purposes for which the data was initially collected.

5. Data accuracy/quality

Over the course of the data lifecycle, the PERFOLINE must ensure the accuracy and update of said data.

6. Data storage limitation

The PERFOLINE must ensure that it does not store data for any longer than necessary for processing purposes in accordance with the provisions of article 17 c) of Regulation (EU) 2016/679.

7. Security, integrity and confidentiality measures

The PERFOLINE implements its own security measures in order to secure its IT environment against non-authorised or unlawful processing and against loss, destruction and accidental damage.

Article 5. Storage period

Personal Data collected within the scope of the sale of Goods is stored for the length of the contractual relationship between the PERFOLINE and the Customer, then for the limitation period linked to the liability actions pertaining to the Goods.

In the event of a halt in activity or the cessation of any contractual relationship for whatever reason, Personal Data is returned to the Customer then permanently deleted within the maximum timeframe specified above.

Article 7. Processing by third parties

The PERFOLINE may employ third parties for its own needs or within the scope of its activity.

When the PERFOLINE employs third parties acting as processors, it ensures that the third party:

  • - makes a purchase of Goods;
  • - informs the PERFOLINE of any request for communication of PERFOLINE personal data that the third party receives from another third party;
  • - ensures that its staff and processing services comply with the applicable legislation and participates in the signing of a special confidentiality agreement;
  • - implements a procedure that informs the PERFOLINE of any requests and complaints from data subjects that it may receive within the scope of the processing of the PERFOLINE personal data;
  • - allows the PERFOLINE to carry out data protection audits as part of personal data processing;
  • - agrees to regularly audit its processing services as part of personal data processing;
  • - cooperates with the PERFOLINE to evaluate and document the compliance of personal data processing.

For some data, identified as such within forms where they are requested from you, and subject to your agreement, Customers may agree to the transfer of their data to business partners for marketing and advertising purposes.

Article 8. Transfer of personal data within the scope of the sale of Goods

Within the scope of its activity, the PERFOLINE is likely to transfer personal data to transport service providers. The Customer irrevocably authorises the PERFOLINE to carry out these transfers to protect their interests and to allow the PERFOLINEE to effectuate the sale of Goods.

In no way can recipients in the case outlined above be considered as processors as defined in article 7 above, the Customer acting as a mandator in regard to these transfers.

Article 9. Transfer of personal data to third parties

The transfer of personal data by the PERFOLINE acting as the controller to a third party located outside the European Economic Area is governed by the adoption of standard contractual causes.

A transfer such as this will nevertheless always be possible under the provisions of article 45 of Regulation (EU) 2016/679.

Article 10. Rights of data subjects

Data subjects can enforce the PERFOLINE's present data protection policy.

If data subjects believe that the PERFOLINE has breached this policy, they must follow the procedure outlined in the present document.

In the event of failure to reach an amical settlement of differences, data subjects can seek judicial remedy.

1. Right to objection, access, rectification, portability and deletion

Data subjects have the following rights:

  • • to access data concerning them and which is processed by the company;
  • • to request the rectification, deletion, erasure, or limitation of inaccurate or incomplete personal data concerning them and personal data which is subject to processing that is inadequate or no longer lawful;
  • • to object to the processing of their personal data at any time, except if said processing is required by legislation and provided that the data subject proves that they have legitimate grounds linked to the specific situation;
  • • to receive personal data in an organised, commonly usable and machine-readable format, in the event that the processing is based on a contract or the consent of the data subject. If the processing is based on the legitimate interest of the controller or a legal obligation, the right to portability will not be mandatory.
  • • to not be subject to a decision based exclusively on automatic processing, including profiling, producing legal effects which relate to it or significantly affect it.

2. Requests for information, comments and complaints

If a user has comments or questions about the present regulations, they can direct them to the PERFOLINE by email to the following address: [email protected]

Article 11. Complaint handling procedure for data subjects

Data subjects must lodge their complaints in accordance with the following complaint handling procedure.

The PERFOLINE agrees to handle complaints within a reasonable time period and at the very latest within the month following receipt of the complaint.

This procedure also applies to requests by data subjects to exercise their right to access, update and delete personal data.

For data subject complaints regarding customers of the PERFOLINE, if the subject concerned lodges a complaint directly with the PERFOLINE, the company must inform the customer of the object of this request, inform the Customer of all the relevant information that it received from the subject concerned and expressly inform the customer that they are responsible for handling this complaint.

For further information or to exercise your rights on the processing of your personal data by the PERFOLINE, you can contact us by email at the following address [email protected], by completing the form available on the Website or by signed post accompanied by a copy of your ID to the following address: PERFOLINE - ASn'Co, 18 Op Zaemer, L-4959 Bascharage, Luxembourg.

Article 12. Privacy by default

The PERFOLINE implements data protection regulations at the start of every new project in order to ensure data subjects' privacy from the very beginning of a new product or service.

The principles and obligations of the present policy are incorporated at the start of every new project.

To ensure privacy by default and from the very beginning, the PERFOLINE makes sure to:

  • • incorporate data protection regulations from the very beginning;
  • • anticipate data protection regulations and incorporate this data at the start of every project;
  • • ensure that these privacy regulations are taken into consideration at the start of every project;
  • • ensure that a project's commitment to data protection is clearly defined and identified to facilitate compliance assessment and guarantee full transparency for the data subjects;
  • • ensure that privacy regulations are complied with throughout the product or system's lifecycle or for the entire personal data storage period.

Article 13. Personal data impact analysis

The PERFOLINE monitors the compliance of data processing with the applicable regulations.

To do this, the PERFOLINE may carry out a privacy impact assessment in specific cases and excluding processing directly linked to the sale of Goods, in order to:

  • identify the processes which pose a particular risk to data protection;
  • evaluate data protections regulations and incorporate this data into the design phase of any new project;
  • ensure the strict compliance of any processes implemented;
  • decide on the remedial action to be taken to ensure that personal data is processed in accordance with the applicable regulations.

Article 14. Personal data processing record

The PERFOLINE agrees to keep a record of its processing activity.

The PERFOLINE is responsible for ensuring that any new process is logged along with any relevant contextual information.

Article 15. Cooperation with supervisory authorities

The PERFOLINE agrees to maintain good relations with data protection authorities. To do this, the PERFOLINE will work with and agree to be audited by the data protection authorities and will follow their advice on any matters these authorities are aware of.

The PERFOLINE will decide which data protection authorities are qualified for each process in place.

Article 16. Use of cookies

The PERFOLINE's website may contain cookies that are likely to collect personal data in order to improve the website's interactivity and to effectuate the sale of Goods.

1. What is a cookie?

A cookie is a small text file, generally composed of letters and numbers which is sent to your browser, located on your computer's hard drive, via our website www.drainastim.co.uk . It might be permanent (used for subsequent visits to the website) or temporary (erased when the browser is closed).

2. Why do we use cookies?

We use cookies to improve your user experience. The use of cookies is never mandatory, and you can refuse them at any time.

3. What cookies do we use?

  • • Audience measurement cookies

These cookies anonymously collect information when you visit our website. Their aim is to enable analysis of website browsing behaviour for optimisation purposes.

  • • Social network tracker cookies

Sharing buttons on social networks use cookies to track user browsing.

4. Your cookie preferences

You can disable the storage of cookies by configuring your browser software preferences.

Refusing cookies may prevent you from accessing some website features.

  • • With Microsoft Internet Explorer

Click on the 'Tools' menu, then select 'Internet Options'

Click on the 'Privacy' tab

Select your preferred options by clicking on the tick boxes

  • • With Mozilla Firefox

Click on the 'Tools' menu, then select 'Options'

Click on 'Privacy and Security'

Select your preferred option under 'Storage options'

  • • With Google Chrome

Click on the icon that displays the settings menu

Click on 'Options'

In the 'History' section, select 'Use custom settings for history'

Choose your preferred settings

  • • With Safari

Click on the 'Safari' menu

Click on 'Preferences'

In the 'Security' tab, choose your preferred settings

Article 17. Training

The PERFOLINE agrees to run a personal data protection training programme with the aim of ensuring that its employees understand the principles and procedures specified in the present data protection Policy.

The training programme aims to provide the company's employees with:

  • des a common grounding in the principles applicable to the processing of personal data;
  • une a good understanding of existing procedures and when and how they apply;
  • une a specific training programme tailored to the functions within the company which deal most with personal data.

The training programme is followed by all of the PERFOLINE's employees.

The training programme is conducted online or in a meeting.

The training programme contains the following:

  • the basic definitions of concepts present in data protection regulations;
  • the key rules which must be complied with during the processing of personal data;
  • the key obligations that staff must be aware of when processing personal data (limited data retention period, data transfer restrictions, etc.);
  • the lorganisation organisation of data protection and an overview of the data protection policy;
  • cyber threats and practical measures to avoid personal data breaches.

Article 18. Internal Control

The PERFOLINE agrees to implement an Internal Control programme to evaluate the company's compliance with the present data protection policy.

This Internal Control programme will enable the establishment of a reasonable schedule according to which the controls will be carried out, the expected scope of this control.

Drainastim

Disclaimer

Actiscience treatments are not sold to diagnose, prevent or treat serious illnesses. If you have a serious illness please consult your doctor. Advice: expectant and
breastfeeding mothers, children under 12 and anyone receiving medical treatment should refrain from taking nutritional supplements unless prescribed by their regular
doctor. You should consult a medical professional when making any decisions about healthcare, for example in the following cases: you want to make changes to your
current treatment, you want to stop your current treatment, you want to start a new treatment.

PERFOLINE


Email: [email protected]

TELEPHONE: +44 8447 047 667

Perfoline registered in the Paris Trade and Companies Register under number 517 909 495

Registered office at Regus12/14 rond-point des Champs Elysées, Paris (75008)