At Lolly (“we”, “us”, “our”) we understand protecting our business partners and customers privacy is of utmost importance. We respect and value the privacy of our business partners, customers, subscribers, and website visitors (“you”, “your”) and will only collect and use personal data in ways that are necessary to us and in a way that is consistent with our obligations and your rights under the law.
What Does This Policy Cover?
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679)(the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
How Do You Use My Personal Data?
Your personal data maybe necessary for performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it.
Your personal data could be used for one or more of the following purposes:
- The processing and execution of demonstrations relating to the Services
- Supplying our products or services to you, information required in order for us to enter into a contract with you
- Information relating to Facebook (or other) marketing campaigns including asking for certain Facebook permissions allowing us to perform actions within your Facebook account.I.e. connecting with your User’s account on the Facebook social network, provided by Facebook. E.g. Ad Account Access, Business Manager Access, App Notifications etc
- Contacting and marketing of our services to visitors of our websites who give permissions
to receive information from us E.g. News, Offers, Emails. You will always have the opportunity to opt-out
- Market and customer analysis, statistical reporting and product improvements
- For invoicing and to send important information, E.g. changes to the pricing structure,fees and conditions
- If you have opted in to receive cookies from our website then, we may target you with
selected ads on Google or Bing search results pages and/or targeted display ads, served via the Google Display Network on websites which have opted to display such ads
Personal Data we collect and use
Personal Data collected by us is mainly obtained directly from you, generally this Personal Data is necessary to use and purchase our Services, to accommodate your request to engage with us.
We may not provide or be able to provide our Services to you if you refuse the processing of your Personal Data.
We would collect Personal Data in order for you:
- To use our services
- Requests for information through our website
We do not collect sensitive information (Personal Data of special categories).
Under the GDPR, you have the following rights, which we will always work to uphold:
The right to be informed about our collection and use of your personal data.
This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using our contact details.
The right to access the personal data we hold about you and have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
The right to be forgotten, restrict the use of or object to the use of your personal data
How Long Will You Keep My Personal Data?
We will not keep your personal data for any longer than is necessary than for the reason for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):
- Cookies will be retained for a maximum of 540 days, unless they are reset by, for example,
a further visit to our website;
- Email addresses will be retained for as long as we consider them useful for marketing purposes,
or until a valid removal request is received.
How and Where Do You Store or Transfer My Personal Data?
Where possible we will only store or transfer your personal data within the European Economic Area, consisting of all EU member states, plus Norway, Iceland, and Liechtenstein. Meaning that your personal data will be fully protected under the GDPR by law.
Personal Data may be transferred outside the European Union and the European Economic Area to other locations and jurisdictions in which we conduct our business. Such transfers outside the European Economic Area are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission in accordance with the GDPR.
We only retain personal data for as long as is necessary. Access to personal data is restricted to company employees for whom it is necessary to have such access. We ensure we have a record of exactly what personal data we are retaining and processing.
Do You Share My Personal Data?
We may share your personal data with other companies in our group for marketing purposes.This includes subsidiaries.
In the main our service the provision of a marketing platform for Facebook, therefore we may sometimes contract with the following third parties to supply services to you on our behalf. Facebook, Google, LinkedIn, Twitter, etc.
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal address below. We will respond to your subject access request within 28 days.
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:
Email address: firstname.lastname@example.org
Postal Address: Lolly – The Old Truman Brewery, 91 Brick Lane, London, E1 8AF.
We may change this Privacy Notice from time to time, any changes or updates will be made available via our website (www.lolly.com)