“THREE5” herein after mentioned as “We” or “Us” is a luxury lifestyle brand and retailer. This Privacy Statement applies to all personal data processed by THREE5 gathered from: visitors, customers and business partners, and service providers for the following websites and applications: www.three5.shop
Information we collect
We process personal information to deliver our service or to comply with (international) law.
The information we collect is collected and processed in strict accordance with the EU GDPR law (and other applicable laws) and only used for the purposed listed in this privacy statement.
If you have any questions about this privacy statement or if you would like to file a complaint with us, please send us an email to: firstname.lastname@example.org.
What personal data is processed
We process certain information of you that either is collected automatically, or that you supply voluntarily. This information includes name, address, email address and telephone number. We also process your financial data to facilitate payment for our services. All of the information collected is processed strictly in accordance with this privacy statement. We process the following personal data:
– Personal data, such as your first name and last name.
– Contact data, such as your e-mail address, telephone number and address.
– Login details, such as user name and password
– Purchase history, such as price, product and purchase date.
– Payment data, such as transaction history, outstanding claims, bank account number, creditcard data.
– Correspondence, such as communications with our customer service or marketing communications.
– Preferences, such as choice of language and e-mail preferences.
– Technical data, such as IP address, cookies, log files.
– Statistics on the use of the website, such as how many times certain pages are visited and which products are the most popular.
– Interests, such as what (kind of) products you look at the most and on which advertisements you click.
Other personal data you provide to us
It may occur that you provide other data to us than the categories mentioned above, for instance with regard to communications of the customer service or when filing a complaint. In that case, we shall process these data to the extent necessary to deal with and handle your request or complaint.
Why & Grounds
We process your personal data based on the following legal grounds, depending on how you interact with our website.
When you purchase THREE5 products on our website we need to process your personal information to execute our agreement. For example we need payment and contact information to process the order.
Comply with the law: we may process or keep information to comply with legal obligations. We also use your information to investigate suspected fraud, illegal activities, violations of our terms of service, or threats to the safety of our personnel or website.
We don’t share your information with third parties unless strictly required in order to honor our contract with you, to provide a service for which you have given specific and explicit consent (such as our newsletter), or to comply with local and international law.
THREE5 has some partners inside/outside the Economic European Zone. We will make sure that the information that is shared will have an adequate level of protection. We will enforce this through our processing agreements with them. For an overview of all the personal information shared with third parties please reach out to email@example.com
As someone who uses our services, you have a couple of rights under the GDPR you should be aware of.
– The right of erasure.
– The right of correction.
– The right of insight.
– The right to dataportability.
The right of access means that you have the right to see what information we all process about you. Do you feel that the information we have about you is incorrect? Then you can exercise your right to correction, this means that you have the right to change the data we have about you. You also have the right to removal, which means that we delete the data that we have from you. However, it may be that we still keep this data but then anonymous, this means that the data can no longer be traced back to you, but that we still keep it for example for statistics. We may in some cases also be legally unable to delete this data, this is a legal obligation. For more information about exceptions to the right of removal (oblivion), please visit the site https://gdpr-info.eu/art-17-gdpr/ and see paragraph 3.
To transfer data between our websites, our applications and backends, communication is encrypted using the SSL (Secure Socket Layer) encryption. We protect the systems and processing by a series of technical and organizational measures. These include data encryption, pseudonymization and anonymization, logical and physical access restriction and control, firewalls and recovery systems, and integrity testing. Our employees are regularly trained in the sensitive handling of personal data and are obliged to observe data secrecy in accordance with legal requirements.
We do not knowingly gather or otherwise process personal data of minors under the age of 16. If we notice that one of our users/visitors is a minor we’ll immediately take steps to remove their information. If you believe we have processed or still hold information on minors, please send us an email at firstname.lastname@example.org and we’ll remove it A.S.A.P.
We will never retain the data longer than is legally allowed, this can be different for different types of data. For more information on dataretainment terms per data proces please please send us an email at email@example.com.
Changes in the privacy statement
The effective date at the bottom of this page indicates when this Privacy Statement was last revised. We will notify you before any material change takes effect so that you have time to review the changes. Any change is effective when we post the revised Privacy Statement. Your use of the Services following these changes means that you accept the revised Privacy Statement.
You also have the right to file a complaint with the national supervisory authority. If you’re unsure which agency this is, please refer to: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Last update: 16 June 2020