Policy and cookies

Policy

 GDPR

EMITÉ MAKE UP

Version 2018-05-25

1. Introduction

This Privacy Policy describes how EMITÉ MAKE UP AB (we, us or our), corp. reg. no. 556795-8250, at the address Olof Palmes Gata 18, 111 37 Stockholm, handles user personal data.

Users of our website and services (you, your) can provide personal data to us when visiting our website and when using our services. You can do this in your capacity of a private individual or as representative of a company. We may also obtain your personal data from third party sources. We act as the data controller of personal data obtained accordingly and of its processing in accordance with this Privacy Policy. 

We safeguard your personal integrity. It is therefore important for us to protect your personal data and ensure that our processing of your personal data is correct and lawful. This Privacy Policy will help you to understand what kind of personal data about you we collect and how it is used when you are using our website and services, as well as your rights as a data subject. You may exercise your rights by contacting support@emitemakeup.com. We ask that you read this Privacy Policy carefully and familiarize yourself with its content, since it applies to all use of our website and services, regardless of who you are and our relationship with you. 

We may sometimes need to make updates or changes to this Privacy Policy. If we do so, we will inform you in an appropriate manner and we ask you to then carefully read through the updated Privacy Policy. The date of the most recent update of this Privacy Policy is given at the top of the policy. 

We trust that this Privacy Policy answers your questions about our collection, use, protection and disclosure of your personal data. If you have additional questions, please contact us at the address provided above or at support@emitemakeup.com.

2. How do we process personal data?

In this section, you can read about which personal data we process and why, how it is collected, the processing activities involved, with whom we share the data, including information regarding transfers of personal data outside the EU/EEA and the time period during which we store your data.

2.1. Which personal data do we process?

The categories of personal data we process are the following:

  1. Name and contact details such as your email address, telephone number, location, professional title, and information regarding the company you represent as well as any agreements you have entered into with us on your or your company’s behalf;
  2. Account details, including username/userID, newsroom name, password, information regarding unique identifiers such as API tokens, profile picture, bio, and information relating to other social media profiles (such as Facebook, Twitter, LinkedIn, Skype or Google accounts) you have linked to your user account;
  3. Personal and professional preferences, including interests, subscriptions and language settings;
  4. Browser information, e.g. type and version of browser, any website from which you have been referred, which time zone you visit us from; pages you visit on our website; your IP-address and a rough location estimate based on your IP-address; information about your web activity or your interaction in emails we send to you; information on your use of our services.

2.2. Why we process your personal data
In this subsection, we describe when and why we process your personal data. Your personal data will not be used in any manner that is incompatible with the purposes for which they were collected.

2.2.1. Provide our services
We process your personal data to provide you or your company with our services and to communicate with you. This includes providing you access to our different features, administering your account, processing your contact information in connection with entering into or completing an agreement with you or your company, invoicing your company and providing support, training, professional services and general information regarding our services to you. Our processing for the purpose of providing our services is based on our legitimate interest to do so or on your prior consent (where applicable, such as when you sign up for an account).

2.2.2. Improve our services
We process your personal data to improve our services and make them more user friendly (e.g. by testing and troubleshooting, fixing bugs and amending the interface in order for you to easily reach the information that you seek or highlighting popular functions). This includes producing statistics on and analysing how you use our services and performing market research and customer satisfaction surveys and getting your feedback through other feedback functions. For these purposes, we also use your personal data based on your web activity and activity associated with emails we send to you, including how you use our website and services, your interests, professional title and company and similarities with other users’ interests and user patterns (so called profiling and segmentation). To the extent possible, we use your personal data in an aggregated or anonymized form in this processing. Our processing for the purpose of improving our services is based on our legitimate interest to do so.

2.3. How we collect your personal data
We collect your personal data when you register a user account or in any other way provide us with your personal data. 

2.4. How we share your personal data
The personal data that we collect is shared with other companies owned by Boonstreet Invest AB as well as with our third party suppliers and other third parties listed below, for the provision of our services, including for our developing and maintenance of the platform. This may involve coordination of your personal data with other registers.
These are the types of third parties with whom we share your personal data:

  1. Service providers: We use third party service providers to manage some aspects of our business operations. We share personal data with such third parties with regard to IT infrastructure, operating and hosting services, marketing research and communications, financial and payment services, customer services and IT services such as IT support, maintenance and development.
  2. For security reasons: We may share your personal data when this is required by law, to protect you or our customers or for the security of our services.

When we use service providers in accordance with (a) above, we will enter into a data processing agreement with the service provider which requires it to ensure that your personal data is only processed in accordance with our instructions and this Privacy Policy. Processing and sharing of your personal data in accordance with (a)-(b) above is necessary for our legitimate interest to provide our services or to fulfil any contract we have entered into with you or your company or to comply with mandatory law.

2.5. Transfer of your personal data outside the EU/EEA

When another company in the Boonstreet Invest AB group, our service providers, partners or any potential purchaser of our business or assets are located in or have business activities in a country outside the EU/EEA, we may transfer your personal data to such countries. In the event of such transfer it will be made in accordance with applicable data protection law, for example by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission or by use of standard contractual clauses that the European Commission has issued ensuring suitable measures to safeguard your rights and freedoms.
You may access a list of the countries that the European Commission has decided provide an adequate level of data protection at  http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm.

2.6. For how long do we store your personal data?

We will only store your personal data for as long as necessary for the purposes they were collected and to fulfill our legal duties to store data otherwise, but no longer than permitted by applicable law.
We have routines in place to remove personal data that is no longer necessary or allowed to store, including removing personal data related to deleted accounts at least once a year.

3. Security measures

We have taken a number of security measures to ensure that the personal data we keep is secure. For example, access to areas where personal data is stored is limited to our employees and service providers who require it in the course of their duties and who are informed of the importance of maintaining the security and confidentiality of the personal data we keep. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure or misuse. We also monitor our systems to discover vulnerabilities in order to protect your personal data.

4. Your rights

4.1. Introduction
In this section, we describe your rights under applicable data protection law. You may email us at support@emitemakeup.com to exercise your rights or if you have any questions or comments regarding our processing of your personal data or this Privacy Policy. We will respond within a reasonable period of time upon verification of your identity.

4.2. Right of access and rectification
You have the right to information regarding which of your personal data we process and to access and rectify such personal data. You may access and amend some of the information we keep on you through your account settings. To learn more about the information we store about you, please do not hesitate to email support@emitemakeup.com and specify which information you request access to or information regarding.

4.3. Right to erasure
You may request that we erase your personal data without undue delay in the following circumstances:

  1. the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing;
  3. you object to our processing of personal data and we do not have any overriding legitimate grounds for the processing;
  4. the processed personal data is unlawfully processed; or
  5. the processed personal data has to be erased for compliance with legal obligations.

We may deny your request if we are prevented from erasing your personal data by requirements set out in applicable laws and regulations (e.g. in relation to accounting and tax legislation) or if they are needed for the establishment, exercise or defence of legal claims. If we cannot meet your request, we will instead restrict the personal data so they cannot be used for another purpose than the purpose preventing the erasure.

the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;

you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing;

you object to our processing of personal data and we do not have any overriding legitimate grounds for the processing;

the processed personal data is unlawfully processed; or

the processed personal data has to be erased for compliance with legal obligations.

4.4. Right to restriction
You have the right to restrict the processing of your personal data in the following circumstances:

  1. you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;
  2. the processing is unlawful and you oppose erasure of the personal data and request restriction instead;
  3. the personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defence of legal claims;
  4. you have objected to the processing of the personal data in accordance with section 4.5 below, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.

If your personal data has been restricted in accordance with this section they may, with exception of storage, only be processed for the establishment, exercise or defence of legal claims, or for the protection of the rights of a third party or for reasons of important public interest according to EU or EU member state legislation.

you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;

the processing is unlawful and you oppose erasure of the personal data and request restriction instead;

the personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defence of legal claims;

you have objected to the processing of the personal data in accordance with section 4.5 below, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.

4.5. Right to object
You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
Your personal data will not be processed for purposes related to direct marketing if you oppose such processing.

4.6. Right to data portability
If your personal data has been provided by you and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.

4.7. Right to withdraw consent
When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. You may withdraw your consent through your account settings by deleting your account. Please note that the lawfulness of processing based on consent before its withdrawal is not affected.

 

4.8. Right to file a complaint
You may at any time lodge a complaint with the supervisory authority if you believe that our processing is performed in breach of applicable data protection law. Please note that you are also always welcome to contact us in such event.

Cookies

According to the Swedish Electronic Communications Act that came into force on 25 July 2003, visitors to a website shall be informed about the use of so-called cookies, and have the option to prevent them from being used.

A cookie is a small text file (usually smaller than 1 kB) that is saved in your computer and stores information. Cookies are used to improve the website for the use, among other purposes.

Our website uses the friendly version of cookies, so-called session cookies. When you are surfing a web page, session cookies are sent between your computer and our server to enable them to exchange information. This might, for example, be what you have placed in your basket, or whether you are logged into My pages.

We do not save any personal data via session cookies. Session cookies are not stored permanently on your computer, instead they disappear when you close your browser.

There are safety settings on most browsers that can de-activate session cookies. Usually you can also remove any session cookies that have already been saved.

If you choose not to accept session cookies on our website, the website will not function satisfactorily.

When visiting this website, your IP address is automatically registered to measure the visit frequency.

Contact Starweb at www.starweb.se for further information about session cookies in the webshop.

JavaScript seem to be disabled in your browser.

You must have JavaScript enabled in your browser to utilize the functionality of this website.