Privacy Policy

Ethique Limited of 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ (“we”, “us” or “our”) take our privacy obligations seriously. In this Privacy Policy, “you” and “your” refers to the individual providing Personal Information to us. Personal Information is information relating to an individual that can be used to identify an individual or which is linked to an identified individual.

This Privacy Policy explains how we collect, hold, use and disclose your Personal Information. You should only use our website www.ethique.co.uk, (“this website”), and purchase products from it, if you understand and do not object to the practices set out in this Privacy Policy.]

This Privacy Policy should be read alongside our Terms of Service (“Terms of Service”), which explain the contract in place between us in relation to your purchase of products and use of this website.

SECTION 1 – what information do we collect from you?

When you purchase something from our store, as part of the buying and selling process, we collect the following Personal Information from you:

• your name, date of birth, email address, delivery address, and phone number
• billing information, credit card number and whether you are a participant in our Loyalty Programme
• details of the products purchased

When you create an account we collect your name, email address, delivery address and phone number.  You must also set a password.

There may also be other voluntary information that we ask for when completing the forms to create an account, join the Loyalty Programme, place an order for products, sign up to be a product tester and sign up to receive marketing materials.

This information is used for communicating with you and responding to your requests, to enable us to provide our products to you, and to arrange for the delivery of our products to you.

When you browse our store, we also automatically receive certain information including “cookies” and your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

With the exception of cookies that are strictly necessary for the website to function, providing your Personal Information to us is voluntary. However, if the Personal Information we request is not provided to us, we will not (depending on the context) be able to supply the products ordered to you, provide the Loyalty Programme discount or create an account for you.

SECTION 2 – how do we collect your personal information?

We collect your Personal Information when you provide it to us, such as when you sign up for an account or to receive marketing communications, when you make an enquiry with us, when you add items to your online cart, and when you confirm a product order. We also collect your Personal Information through your use of our website.

We also use social media services such as Facebook, Twitter, Instagram, Pinterest and Google Plus. These services may be linked to our website through the use of social media buttons. Your use of these third party services is entirely optional. We may collect and use any information that you: (i) generate by using a social media button; or (ii) otherwise make public when you use any such third party social media service for the purposes of our business. Whilst our use of any Personal Information collected via social media buttons or from public social media profiles is governed by this Privacy Policy, your use of those third party services are governed by the privacy policies and/or practices of those social media companies, for which we are not responsible. If you do not wish to provide your Personal Information to any of those third parties, or make information publicly available, you should not use their particular service.

Please do not provide us with Personal Information about other individuals (including the email addresses of third parties you refer when using our Loyalty Programme), unless you have obtained the consent of the individual to do so. By providing Personal Information relating to a third party, you warrant that you are authorised to do so and that you have ensured the individual is aware of the information in this Privacy Policy.

SECTION 3 – how do we use your personal information and what legal bases do we rely upon?

We collect, use and disclose your Personal Information only where we have a legal basis to do so. The purposes for which we will process your Personal Information, and the legal bases we rely upon, are as follows:

Purpose	Legal Basis
To fulfil your order, including for the purposes of confirming your order, delivering the products ordered to you, responding to returns or any queries in relation to your order, and operating our Loyalty Programme	Performance of our Terms of Service
To create and manage a customer account	Performance of our Terms of Service
To communicate with you or answer your queries, outside of an order process (and excluding marketing communications, see below)	Our legitimate interest in providing customer service and notifying you of important or relevant developments
To send you and then process customer satisfaction / feedback surveys	Our legitimate interest in understanding the customer experience in order to make improvements to it (either for you personally or for all customers)
Collecting Personal Information via non-essential cookies and similar technologies	Consent
Collecting Personal Information via essential cookies and similar technologies	Our legitimate interest in providing a functional and secure browsing experience or Compliance with a legal obligation
Sending you marketing and promotional materials, including special offers, discounts, market research etc.	Consent or Our legitimate interest in promoting our products and services to you (where you are purchasing or considering purchasing products and we provide you with an opportunity to opt-out of marketing when your Personal Information is collected)
Analysing our customer data, including profiling customer shopping behaviours and use of this website	Our legitimate interest in understanding how our customers use this website in order to develop and improve our products and services
Enforce our Terms of Service and our legal rights	Our legitimate interest in protecting our business and its reputation, as well as establishing, exercising or defending our legal rights
Comply with requests from law enforcement and other government agencies	Compliance with a legal obligation or Our legitimate interest in assisting law enforcement and other government agencies in the performance of their duties

 

We may collect, use and disclose your Personal Information for any other purposes permitted by applicable law, or with your consent.

SECTION 6 – THIRD PARTY SERVICES

In addition to Shopify (see Section 9), we use third-party service providers to facilitate your payment for an order, to deliver the products you order to you and to send many of our marketing communications.

The third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us, subject to our instructions. We will not authorise any of these other third parties to use your Personal Information for their own purposes, except where it is necessary for the third party to enforce its legal rights, or to comply with its legal obligations.

We may transfer (or authorise Shopify to transfer) your Personal Information to other third party services providers (such as those described in the other sections of this Privacy Policy) to perform services on our behalf, to process the Personal Information on our behalf, or to hold it on our behalf.

If you choose a direct payment gateway to complete your purchase, then your credit card data is stored only with the third party payment gateway. It is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Once you leave this website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.  You should review their privacy policy when you are on their website.

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

SECTION 7 – Disclosure to third parties

In addition to our disclosures made to third party services providers in the course of our business with you, we may also disclose your Personal Information for the following purposes:

• Within the Ethique group of companies, as necessary to provide our products and services to you, or for other purposes described in Section 3.
• To enforce our Terms of Service
• Where required by law such as to comply with a subpoena or similar legal process
• When we believe on reasonable grounds that disclosure is necessary to protect our property, legal rights, your safety or the safety of others
• In order for us, or other authorised agencies (such as credit card and payment facility providers) to detect, investigate, prevent or address fraud, security or technical issues
• To respond to a government or regulator request to which we are obliged by law to respond, or where we are otherwise permitted to respond under applicable laws
• To a potential or actual third party purchaser of our business or assets if, in the future, we sell or transfer some or all of our business or assets to a third party.
• To any third party with your prior consent.

We may also share in aggregate, statistical form, non-personal information (or, where permitted by law, Personal Information) regarding the visitors to our website, traffic patterns, and website usage with our partners, affiliates or advertisers

SECTION 8 – international transfers

Ethique is a New Zealand headquartered company.  In order to process your order and to communicate with you, your Personal Information must be transferred to and processed in New Zealand.

New Zealand is recognised by the UK Government and the European Commission as providing an adequate level of protection for Personal Information.

Some of our service providers may process your Personal Information in countries outside of the UK, EEA and New Zealand, such as the United States of America.  In these cases, we will ensure that our contracts with those service providers contain appropriate safeguards for your Personal Information, such as the EU or UK standard contractual clauses.  You have a right to contact us for more information about these safeguards we have put in place (including a copy of relevant contractual commitments).

Please also note that your Personal Information is processed by Shopify in Canada, as explained in the next section. 

SECTION 9 – Shopify Plus

Our store is hosted on Shopify Plus which is provided by Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products to you.

Your Personal Information collected through this website is disclosed to Shopify and stored in Shopify’s data storage, databases and the general Shopify application. They store your Personal Information in compliance with industry standards.

Shopify also collects your Personal Information for the purposes set out in their Privacy Statement.  You can view their Privacy Statement here: https://www.shopify.com/legal/privacy. In summary, this information is collected when you access our online store, place a product order, or sign up for an account with us. Personal Information collected by Shopify is used to provide us with their e-commerce services, such as processing orders, authenticating and processing payments, screening for fraudulent transactions, improving the services Shopify offers and, if you have opted in to Shopify Pay, to pre-fill your checkout information and to offer you customised advertising.

Shopify may also share your Personal Information with third parties where it is necessary to prevent or take action against illegal activity, where you have violated Shopify’s Terms of Service, where it is necessary to comply with any legal obligations, or where we have authorised the transfer of your Personal Information to other third parties (such as payment gateways). For full details, please review the Shopify Privacy Statement here:  https://www.shopify.com/legal/privacy.

For more insight, you may also want to read Shopify’s Terms of Service found here https://www.shopify.com/legal/terms.

When you provide us with your Personal Information, you are sending your Personal Information to the places where the Shopify servers are located. Shopify is also collecting and holding that Personal Information in accordance with their privacy policy.  Shopify’s address is 150 Elgin St., 8th Fl, Ottawa, ON K2P 1L4, Canada.  Commercial organisations operating in Canada are also recognised by UK Government and the European Commission as providing an adequate level of protection for Personal Information.

SECTION 10 – retention of your Personal Information

We will retain your Personal Information for the duration of your relationship with us (including where you hold an active account with us), as needed to provide you with our products (including where you have consented to receiving marketing communications).

Once you are no longer an active customer, we will only retain Personal Information if necessary to comply with our legal obligations, resolve disputes, or enforce our Terms of Service.

If you wish to cancel your account, please contact us at hello@ethique.com.

SECTION 9 – SECURITY

To protect your Personal Information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

The security of your information depends in part on the security of the computer you use to communicate with us (including using an up-to-date browser and appropriate anti-virus software), and the steps you take to protect the confidentiality of your account information, including your password.

SECTION 10 – cookies and similar technologies

Like most sites, this website stores or retrieves information on your browser in the form of cookies (and we may also use related technologies such as beacons, tags and scripts).  Cookies are small text files that are placed on your computer or mobile device by websites that you visit.  The information stored or retrieved by cookies might be about you, your preferences or your device and is mostly used to make the site work as you expect it to.

Cookies may be either "persistent" cookies or "session" cookies. This website uses both persistent and session cookies:

• A persistent cookie will not be automatically deleted when the browser is closed but is stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date).  This allows us to remember things about you (such as your preferences) between browsing sessions. 
• A session cookie is stored temporarily during a browsing session and will expire at the end of the user session, when the web browser is closed. 

We use cookies and related technologies for the following purposes:

• Essential – this includes the use of any cookies that are necessary in order to transmit information over an electronic communications network (and therefore make it possible for you to view the website), as well as any cookies that are strictly necessary in order to make the website function (for example, remembering information input into a webform during a browsing session, or remembering items placed in your shopping cart).  This includes cookies used to comply legal obligations which apply to our website, such as our obligation to take appropriate steps to secure Personal Information input into the website.  It is not possible for you to control our use of essential cookies.
• Personalisation – cookies used to remember your preferences (such as login details, language, font size, privacy settings and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the website or browse from one page to another.
• Analytics – cookies used to collect information about your use of the website in order to understand how users interact with the website, and then make changes in order to improve the website for all users.
• Advertising – cookies used to serve advertising based on your internet activity and to track the success of our advertisements across the web. These cookies may also be set through our site by our advertising partners.

We have listed the cookies we use here:

• Google Analytics.  We use Google Analytics, operated by Google Inc, to help us analyse the use of our website. Google Analytics uses cookies to generate information about your use of our website (such as your IP address, transaction IDs and email hash), which is pseudonomised and stored on Google servers within the United States of America. Google will only use this information for the purposes of evaluating your use of our website, compiling activity reports for us, and carrying out associated website activity and internet usage services.

The rest of the cookies we use are set on our behalf by Shopify.  Please refer to the “Merchant storefronts” section of the Shopify Cookie Policy for more information about these.

When you first navigate to our website, you are asked to provide your consent to cookies. 

As well as using the pop-up consent mechanism, you can control acceptance of cookies by modifying your Internet browser preferences.

 

SECTION 11 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

SECTION 12 – RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

Subject to certain exemptions, and in some cases dependent upon the legal basis we rely upon (see Section 3), you have certain rights in relation to your Personal Information. These include rights:

• To access personal information
• To rectify / erase personal information
• To restrict the processing of your personal information
• To transfer a portable copy of your personal information
• To object to the processing of personal information (where it is based on our ‘legitimate interests’)
• To prevent us from using your Personal Information for direct marketing purposes – the easiest way to exercise this right is to click on the ‘unsubscribe’ link in our emails
• To obtain a copy of Personal Information safeguards used for transfers outside your jurisdiction
• To lodge a complaint with your local supervisory authority. You can also contact the New Zealand Office of the Privacy Commissioner at http://www.privacy.co.nz.

We may ask you for additional information to confirm your identity and for security purposes, before complying with your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting our Privacy Compliance Officer at hello@ethique.com or at Unit 15, 3 Stark Drive, Wigram, Christchurch, South Island, New Zealand, 8042.

Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request. 

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.