Privacy Policy
Flava UK (“we,” “us,” “our”) is committed to upholding your privacy and safeguarding the personal information you provide to us when using our website, flavauk.com (“Website”). This Privacy Policy outlines how we collect, use, disclose, store, and protect your personal data in compliance with applicable privacy legislation, including the United Kingdom General Data Protection Regulation (“UK GDPR”), the European Union General Data Protection Regulation (“EU GDPR”), and the California Consumer Privacy Act (“CCPA”), as amended.
By accessing or using flavauk.com, you acknowledge and accept the practices described in this Privacy Policy.
1. Our Commitment to Privacy and Data Protection
At Flava UK, respecting the integrity, confidentiality, and security of your personal information is central to our operations. We prioritize a privacy-first approach, ensuring transparency and control over the use of your personal data throughout your interactions with flavauk.com.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected or processed through flavauk.com or related communications. We act as the “data controller” of your personal information—meaning we determine the purposes and means of processing your information under applicable data protection laws.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes data about how you use our Website, such as your browser type and version, IP address, time zone setting, session duration, pages visited, and navigation paths.
b. Account Data
Includes your full name, billing and shipping address, email address, and telephone number provided during account registration or checkout.
c. Profile Data
Includes your saved items, purchase history, preferences, customer behavior patterns, and interactions with personalized content.
d. Communication Data
Includes the contents of your communications with our support team, including emails, chat messages, and call summaries.
e. Technical Data
Includes data collected from the device and systems you use, such as unique device identifiers, operating system details, language preferences, and browser plug-in types.
f. Transaction Data
Includes payment information, transaction history, shipping details, and billing records processed through verified payment providers.
g. Preference Data
Includes your marketing preferences, product interest selections, subscription settings, and consent choices.
4. Legal Bases for Processing Your Data
Under the UK GDPR and EU GDPR, we rely on the following lawful bases:
– Consent: For sending marketing communications or placing non-essential cookies, based on your affirmative consent.
– Contractual Necessity: For processing required to perform a contract with you, such as order fulfillment or user account management.
– Legitimate Interests: For improving Website performance, fraud prevention, analytics, and customer service, provided such interests are not overridden by your rights and freedoms.
– Legal Obligation: To comply with legal duties, such as tax and regulatory requirements.
Where CCPA applies, data is collected and processed based on specific legitimate business purposes.
5. Your Rights Under Data Protection Law
You have the following rights concerning your personal data:
– Right of Access: To request a copy of the data we hold about you.
– Right to Rectification: To correct inaccurate or incomplete personal data.
– Right to Erasure: To request deletion of your data, subject to legal exceptions.
– Right to Restriction: To request limiting processing in certain circumstances.
– Right to Data Portability: To receive your data in a portable, commonly used format, and to request its transfer to another controller.
– Right to Object: To object to processing based on legitimate interest or direct marketing.
– Rights under CCPA: Including the rights to know about, access, delete, and opt-out of the sale or sharing of personal information.
You may exercise these rights by contacting us at [email protected]. We may require verification before fulfilling your request.
6. Security Measures to Protect Your Data
We utilise industry-standard technical and organizational security measures, including:
– Encryption of data in transit and at rest
– Secure authentication protocols
– Access controls on personnel and systems
– Regular data backups and resilience testing
– Mandatory staff training on data handling and cybersecurity
7. International Data Transfers
If your personal data is transferred outside the United Kingdom, European Economic Area (EEA), or your country of residence, we ensure appropriate safeguards such as the UK International Data Transfer Agreement, EU Standard Contractual Clauses (SCCs), or equivalent legal mechanisms are in place to maintain adequate protections.
8. Data Retention
We retain your personal data only as long as necessary:
– Usage Data: Retained for up to 12 months for analytics purposes.
– Account Data: Retained while the account remains active and for up to 6 years after closure.
– Profile and Preference Data: Retained for 3 years after your last interaction with us.
– Transaction Data: Retained for a minimum of 6 years in line with legal and taxation regulations.
– Communication Data: Retained for 2 years for quality and support audits.
– Technical Data: Stored for up to 12 months for diagnostics.
Data may be stored longer if subject to legal or enforcement obligations.
9. Cookie Policy
We use cookies and similar technologies to enhance user experience on flavauk.com. Cookies placed on your browser fall into the following categories:
– Essential Cookies: Required for the basic functioning of our Website (e.g., login, cart functionality).
– Functional Cookies: Allow customization of the Website according to your preferences.
– Analytics Cookies: Help us understand Website usage, source traffic, and behavior using services like Google Analytics.
– Performance Cookies: Optimize performance and loading speeds, such as through content distribution networks.
10. Cookie Management and Compliance with GDPR & CCPA
You have the right to manage your cookie preferences. On your first visit, you will be presented with the option to accept or reject non-essential cookies in line with GDPR and CCPA. You can update your preferences at any time via our cookie settings panel or by adjusting your browser settings to block or delete cookies. However, disabling essential cookies may affect functionality.
Do Not Track (DNT) signals are recognized and respected in accordance with applicable laws.
11. Children’s Data – Special Protections for Under 13
flavauk.com is not directed to, nor do we knowingly collect, data from children under the age of 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will delete such data promptly. Parents or guardians may contact us directly at [email protected] to request deletion.
12. Changes to This Policy
We may revise this Privacy Policy from time to time to reflect legal, technical, or business developments. Material changes will be communicated via notice on our Website or directly to users where required by law. Continued use of flavauk.com constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or wishes to exercise your privacy rights, please contact:
Flava UK
Email: [email protected]
Subject: Privacy Inquiry
We are fully committed to compliance with all applicable data protection laws and regulations. If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local supervisory authority.
Thank you for trusting Flava UK with your personal information.