OUR PRIVACY PROMISE
1) We respect your privacy and your choices.
2) We make sure that privacy and security are embedded in everything we do.
3) We do not send you marketing communications unless you have asked us to. You can change your mind at any time.
4) We never offer or sell your data.
5) We are committed to keeping your data safe and secure. This includes only working with trusted partners.
6) We are committed to being open and transparent about how we use your data.
7) We do not use your data in ways that we have not told you about.
8) We respect your rights, and always try to accommodate your requests as far as is possible, in line with our own legal and operational responsibilities.
The more you interact with us, the more you let us know you and the more we are able to offer you tailored services.
When you share personal data with us or when we collect personal data about you, we use it in line with this Policy.
Please read this information. If you have any questions or concerns about your
personal data, please contact us at firstname.lastname@example.org.
Who are we?
What is personal data?
What data do we collect from you and how do use it?
How do we collect or receive your data?
Automated Decision Making
Who may access your personal data?
Where we store your personal data?
How long do we keep your personal data?
Is my Personal data secure?
Links to Third Party Sites and Social Login
Social media and user generated content
Your rights and choices
WHO WE ARE?
Cigalah Medpharm Trading LLC is responsible for the personal data that you share with us. When we say “Cigalah Medpharm”, “us”, “our” or “we”, this is who we are referring to. Cigalah Medpharm is the “data controller” for the purposes of applicable data protection laws.
WHAT IS PERSONAL DATA?
“Personal data” means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymized data such as a unique ID number). This means that personal data includes things like email/home addresses/mobile phone, usernames, profile pictures, personal preferences and shopping habits, user generated content, financial information, and welfare information. It could also include unique numerical identifiers like your computer’s IP address or your mobile device’s MAC address, as well as cookies.
WHAT DATA DO WE COLLECT FROM YOU AND HOW DO WE USE IT?
Cigalah Medpharm believes that you, the consumer, are at the heart of what we do. We love hearing from you, learning about you, and creating and delivering products that you enjoy. And we know that many of you love talking to us. Because of this, there are many ways that you might share your personal data with us, and that we might collect it.
HOW DO WE COLLECT OR RECEIVE YOUR DATA?
We might collect or receive data from you via our websites, forms, apps, devices, Cigalah Medpharm products or brands pages we represent in the region on social media or otherwise. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our websites/apps or stores/beauty salon), sometimes we collect it (e.g. using cookies to understand how you use our websites/apps).
When we collect data, we indicate the mandatory fields via asterisks where such data is necessary for us to:
– Perform our contract with you (e.g. to deliver the products you have purchase on our websites/apps);
– Provide you with the service you have asked for (e.g. to provide you with a newsletter); or
– Comply with legal requirements (e.g. invoicing).
If you do not provide the data marked with an asterisk, this may affect our ability to provide the products and services.
1) During what interaction your data may be provided or collected? For example, whether you are making a purchase, signing up to a newsletter, or browsing a website/app.
2) What personal data may we receive from you directly or resulting from your interaction with us? For example, email address, your full name, phone number, shipping address etc.
3) What is the legal basis for using your personal data? Depending on the purpose for which the data is used, the legal basis for the processing of your data can be:
- Your consent;
- Our legitimate interest, which can be:
- Improvement of our products and services: more specifically, our business interests to help us better understand your needs and expectations and therefore improve our services, websites /Apps/devices, products and brands for our consumers’ benefit;
- Fraud prevention: to ensure payment is complete and free from fraud and Misappropriation;
- Securing our tools: to keep tools used by you (our websites/Apps/devices) safe and secure and to ensure they are working properly and are continually improving;
- The performance of a contract: more specifically to perform the services you request from us;
- Legal grounds where processing is required by law.
AUTOMATED DECISION MAKING
For purposes of securing transactions placed through our websites/apps/devices against fraud and misappropriation, we use third party provider’s solution(s).The method of fraud detection is based on, for example, simple comparisons, association, clustering, prediction and outlier detections using intelligent agents, data fusion techniques and various data mining techniques.
This fraud detection process may be completely automated or may involve human intervention where a person takes the final decision. In any case, we take all reasonable precautions and safeguards to limit access to your data.
As a result of automatic fraud detection, you may (i) experience delay in the processing of your order / request whilst your transaction is being reviewed by us; and (ii) be limited or excluded from the benefit of a service if a risk
of fraud is identified. You have the right to access information on which we base our decision. Please see “Your Rights and Choices” section below.
When we send or display personalized communications or content, we may use some techniques qualified as “profiling” (i.e. any form of automated processing of personal data consisting of using those data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s personal preferences, interests, economic situation, behavior, location, health, reliability, or movements). This means that we may collect personal data about you in the different scenarios mentioned in the table above. We centralize this data and analyze it to evaluate and predict your personal preferences and/or interests. Based on our analysis, we send or display communications and/or content tailored to your interests/needs.
You have the right to object to the use of your data for “profiling” in certain circumstances. Please see “Your Rights and Choices” section below.
WHO MAY ACCESS YOUR PERSONAL DATA?
We may share your personal data within Cigalah Medpharm Trading to comply with our legal obligations, to prevent fraud and/or to secure our tools, to improve our products and services, or after having obtained your consent to do so.
Depending on the purposes for which they were collected, and only on a need-to-know basis some of your personal data may be accessed by Cigalah Medpharm Trading entities worldwide, where possible in a pseudonymized way (not allowing direct identification), and where necessary to provide you with requested services.
- To monitor and prevent any undesirable effect linked to the use of our products;
- To perform studies relating to the safe use of our products;
- To perform and follow-up on corrective measures taken, where needed.
- To comply with the legal obligation to monitor undesirable effects of its products.
Where permitted, we may also share some of your personal data including those collected through Cookies between our brands to harmonize and update the information you share with us, to perform statistics based on your characteristics and to tailor our communications.
Please explore the Cigalah Medpharm website, for further details on the Cigalah Medpharm Trading LLC, its brands and its locations.
We may share your personal data for marketing purposes with third party or entities of the Cigalah Group.
We only share your personal data with third parties for direct marketing purposes with your consent. In this context, your data is processed by such third party, acting as a data controller, and its own terms and conditions and privacy notice apply. Your personal data may also be processed on our behalf by our trusted third-party providers. We rely on trusted third parties to perform a range of business operations on our behalf. We only provide them with the information they need to perform the service, and we require that they do not use your personal data for any other purpose. We always use our best efforts to ensure that all third parties we work will keep your personal data secure. For instance, we may entrust services that require the processing of your personal data to:
- Third parties that assist and help us in providing digital and e-commerce services such as social listening, store locator, loyalty programs, identity management, ratings and reviews, CRM, web analytics and search engine, user generated content curation tools;
- Advertising, marketing, digital and social media agencies to help us to deliver advertising, marketing, and campaigns, to analyze their effectiveness, and to manage your contact and questions;
- Third parties required to deliver a product to you e.g. postal/delivery services;
- Third parties that assist and help us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications that may contain data about you (such services could sometimes imply access to your data to perform the required tasks);
- Payment service providers and credit reference agencies for the purpose of assessing your credits core and verifying your details where this is a condition of entering into a contract with you;
- Third parties that assist us for customer care and cosmeto vigilance purposes.
We may also disclose your personal data to third parties:
- If we have your consent to do so
- Or if we are permitted to do so by law.
We may disclose your personal data to our partners:
In the event the service you subscribe to was co-created by Cigalah Medpharm Trading LLC and a partner (for example, a cobranded app). In such case, Cigalah Medpharm Trading LLC and the partner process your personal data each for their own purposes and as such your data is processed:
We do not offer or sell your personal data.
When we use Google advertising services on our websites / apps, Google will access and use your Personal Data. If you wish to learn more on how Google uses your Personal Data in this context, please consult their Google Privacy & Terms which govern these services and data processing.
Information that Facebook collects and share with us.
All Facebook features and services available on our website/app are governed by the Facebook Data Policy, in which you can get more info about your privacy rights and settings options. By using this website/app, you may:
- sign-up with your Facebook login. If you do so, you consent to share some of your public profile information with us;
- use the Facebook social plug-ins, such as “like” or “share” our content on the Facebook platform;
- accept cookies from this website/app (also identified as “Facebook Pixel”) that will help us understand your activities, including information about your device, how you use our services, the purchase you make and the ads you see, whether or not you have a Facebook account or are logged into Facebook.
When you’re using those Facebook features, we collect data that help us to:
- show you adds you might be interested in on Facebook (or Instagram, Messenger or any other Facebook services);
- measure and analyze the effectiveness of our website/app and adds.
We may also use the personal information you gave us on this website/app (such as your name and surname, email, address, gender and phone number) to identify you in Facebook (or Instagram, Messenger or any other Facebook services) in order to show you adds that are even more relevant for you. While doing this, Facebook will not share your personal information and will delete the information promptly after the match process is complete.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you may be transferred to, accessed from, and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff members operating outside the EEA who work for us or for one of our service providers.
Cigalah Medpharm Trading LLC transfers personal data outside of the EEA only in a secure and lawful way. As some countries may not have laws governing the use and transfer of personal data, we take steps to make sure that third parties adhere to the commitments set out in this Policy. These steps may include reviewing third parties’ privacy and security standards and/or entering into appropriate contracts. For further information, please contact us as per the “Contact” section below.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We only keep your personal data for as long as we need it for the purpose for which we hold your personal data, to meet your needs, or to comply with our legal obligations.
To determine the data retention period of your data, we use the following criteria:
- Where you purchase products and services, we keep your personal data for the duration of our contractual relationship;
- Where you participate in a promotional offer, we keep your personal data for the duration of the promotional offer;
- Where you contact us for an enquiry, we keep your personal data for the duration needed for the processing of your enquiry;
- Where you create an account, we keep your personal data until you require us to delete it or after a period of inactivity (no active interaction with brands) defined in accordance with local regulations and guidance;
- Where you have consented to direct marketing, we keep your personal data until you unsubscribe or require us to delete it or after a period of inactivity (no active interaction with brands) defined in accordance with local regulations and guidance;
- Where cookies are placed on your computer, we keep them for as long as necessary to achieve their purposes (e.g. for the duration of a session for shopping cart cookies or session ID cookies) and for a period defined in accordance with local regulations and guidance.
We may retain some personal data to comply with our legal or regulatory obligations, as well as to allow us to manage our rights (for example to assert our claims in Courts) or for statistical or historical purposes.
When we no longer need to use your personal data, it is removed from our systems and records or anonymized so that you can no longer be identified from it.
IS YOUR PERSONAL DATA SECURE?
We are committed to keeping your personal data secure and taking all reasonable precautions to do so. We contractually require that trusted third parties who handle your personal data for us do the same. We always do our best to protect your personal data and once we have received your personal data, we use strict procedures and security features to try to prevent unauthorized access. As the transmission of information via the internet is not completely secure, we cannot guarantee the security of your data transmitted to our site. As such, any transmission is at your own risk.
LINKS TO THIRD PARTY SITES AND SOCIAL LOGIN
Our websites and Apps may from time to time contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we are not responsible or liable for these policies. Please check these policies before you submit any personal data to these websites.
SOCIAL MEDIA AND USER GENERATED CONTENT
Some of our websites and Apps allow users to submit their own content. Please remember that any content submitted to one of our social media platforms can be viewed by the public, so you should be cautious about providing certain personal data e.g. financial information or address details. We are not responsible for any actions taken by other individuals if you post personal data on one of our social media platforms and we recommend that you do not share such information.
YOUR RIGHTS AND CHOICES
Cigalah. Medpharm Trading LLC respects your right to privacy: it is important that you are able to control your personal data. You have the following rights:
- The right to be informed. You have the right to obtain clear, transparent and easily understandable information about how we use your personal data, and your rights. This is why we are providing you with the information in this Policy.
- The right of access. You have the right to access to the personal data we hold about you (subject to certain restrictions). We may charge a reasonable fee taking into account the administrative costs of providing the information. Requests manifestly unfounded, excessive or repetitive may not be answered to. To do this, please contact us at the details below.
- The right to rectification. You have the right to have your personal data rectified if it is incorrect or outdated and/or completed if it is incomplete. To do this, please contact us at the details below. If you have an account, it may be easier to correct your own data via your “My Account” function.
- The right to erasure/right to be forgotten. In some cases, you have the right to have your personal data erased or deleted. Note this is not an absolute right, as we may have legal or legitimate grounds for retaining your personal data. If you would like us to delete your personal data, please contact us at the details below.
- The right to object to direct marketing, including profiling. You can unsubscribe or opt out of our direct marketing communication at any time. It is easiest to do this by clicking on the “unsubscribe” link in any email or communication we send you. Otherwise, you can contact us using contact detail below. If you would like to object to any profiling, please contact us at the details below.
- The right to deactivate Cookies You have the right to deactivate Cookies. The settings from the Internet browsers are usually programmed by default to accept Cookies, but you can easily adjust it by changing the settings of your browser. Many cookies are used to enhance the usability or functionality of websites/apps; therefore, disabling cookies may prevent you from using certain parts of our websites/apps as detailed in the relevant Cookie Table. If you wish to restrict or block all the cookies which are set by our websites/apps (which may prevent you from using certain parts of the site), or any other websites/apps, you can do this through your browser settings. The Help function within your browser should tell you how. For more information please consult the following links: http://www.aboutcookies.org/.
To deal with your request, we may require proof of your identity.
If you have any questions or concerns about how we treat and use your personal data or would like to exercise any of your rights above, please contact us at email@example.com.