Data protection policy
Dermoshop cares about your personal integrity and protects your personal data in the best possible way. We do everything we can to make sure your personal data are processed in the safest manner, both within our company and also in the operations of our subcontractors. In this data protection policy, we describe what data we collect and how they are used.
The main grounds for processing personal data are client or contractual relationships, consent of the data subject or legitimate interests of the data controller.
1. Data controller
Dermoshop Ltd (”Dermoshop” or ”we/our”)
Business ID: 0213176-8
Address: Västanlidvägen 50, 66200 KORSNÄS, Finland
E-mail: email@example.com or firstname.lastname@example.org
2. Name of the register
Dermoshop Ltd's client and direct marketing register.
3. What personal data do we process?
We collect the personal data that you send us, for example when you register to our webshop, subscribe to the newsletter, make orders, contact our customer service (by phone or through digital channels, including social media), write product reviews or posts in our forum or participate in competitions. The personal data that Dermoshop process include your name, possible work place, date of birth, home address or work address (for group order members), postal code, post office, e-mail address, phone number, order history, collected bonus points, possible premium status, technical data (user's IP-address and data about web browser) and cookies. You can also add information about your skin type and gender in our webshop, but it's not a requirement. We can also collect some personal data from external sources, for example credit information and address changes. Within legal limits we can also update the data with information acquired from the authorities or other enterprises.
4. How do we use your personal data?
We can use the data for identification, managing the customer relationship, processing orders, direct marketing, customer surveys, newsletters, for analysis and profiling purposes and for statistics. The data can also be used for sending advertising materials by mail, SMS or e-mail and marketing by phone if you haven't declined it. The data can also be used for the purpose to send you important information, for channeling marketing and improving our services. You can unsubscribe from our newsletter by using the link in our newsletter.
Dermoshop can use subcontractors and service providers for the management of services, for printing and distribution, customer service, payment mediation, credit and payment services, administration and analysis of user data, studies, customer messages and organizing campaigns. The subsidiaries, subcontractors and service providers of Dermoshop may use your personal data only for the purposes set out in this data protection policy.
The above mentioned third parties are forbidden to use your data for any other purposes than those defined in this policy or by Dermoshop. Dermoshop obliges third parties to keep your data confidential and ensure that the data protection is on a sufficiently high level, so your personal data are protected.
For processing your data Dermoshop uses service providers who may have access to the data outside the EU/EEA, for example from the USA. Dermoshop is responsible for transferring data in an appropriate manner and as stipulated by law.
Your personal data can be transferred to the authorities only if required or for purposes stipulated by law.
5. How do we protect your personal data?
To protect personal data are extremely important to Dermoshop. The data are stored in electronic systems that are protected with firewalls, passwords and other necessary technical solutions. Only people working at Dermoshop and other defined people who require the data for performing their duties have access to the data. All the persons who use the data in the register are bound by an obligation of confidentiality.
6. How long are my personal data stored?
Your personal data are stored in the register only as long as it is essential for the purposes set out in this data protection policy and for compliance with a legal obligation to store data. It is possible that due to legal obligations Dermoshop can be required to store data longer than the above-mentioned envisaged period.
Any outdated and unnecessary data are erased in an appropriate manner. The personal data are entered in the register in the way the registered person has given them, and the data are updated by the registered person or by Dermoshop on request from the registered person.
7. Verifying, updating, correcting and deleting your personal data
You, as a customer, have the right to verify what data have been stored in the client and direct marketing register of Dermoshop. The verification right can be denied on some legitimate basis, laid down by law. In principle, to use the right of access is free of charge. You have as a registered customer, anytime the right to oppose the processing of your data, if you feel that Dermoshop has processed the data unlawfully or that Dermoshop doesn't have the right to process your data. The right to object does not apply to the processing of personal data that Dermoshop is legally obliged to do or on other grounds laid down by law.
You have the right to get inaccurate data rectified or incomplete data completed and the right to demand that the data concerning yourself are erased from our client and direct marketing register. You can also erase your profile by yourself from the webshop dermosil.com or update the data included there. Nevertheless, the right to erasure does not apply inasmuch the processing and storage of data entered in the register is necessary for compliance with a legal obligation concerning Dermoshop or on other legal grounds, laid down by law.
To that extent you have entered data to Dermoshops' client and direct marketing register and the data is processed with your consent or for the performance of a task, you have the right to get similar data mainly in electronic format and the right to transmit those data to another controller.
You have the right to contact us anytime to cancel direct marketing. You can also erase your profile from the webshop dermosil.com, update your data and refuse to get marketing communication directed to you. You have the right to contact us and request Dermoshop and all third parties to delete the collected personal data belonging to you.
If your data are being processed on the grounds of your consent, you have the right to withdraw your consent by contacting us in accordance with this data protection policy.
You should send requests regarding your rights per mail or e-mail to the address noted in paragraph 1. Dermoshop may ask you to specify the request and confirm your identity before it can be processed. Dermoshop may refuse to act on the request on the grounds set out in applicable law. Dermoshop will respond to the request within one (1) month after the request has been submitted, unless there are special reasons to extend the response time.
You have the right to turn to the authorities if Dermoshop has not complied with the legislation that regulates data protection.
8. Delete account
Please contact our customer service if you would like to delete your Dermosil account. You can reach us via email. See contact information from our Customer Service page.
9. Social media plugins
When you use our website you can share information in social media through social media plugins, e.g. in Facebook, Twitter and Pinterest (like sharing our promotions with other users through social media). If you choose to share information through social media plugins, your browser will transfer the following data to that social media:
• the date and time of your visit
• the internet/URL address that you're currently visiting
• your IP address
• what web browser you've been using
• what operating system you've been using
• your username, if you're a registered user on that social media channel and your first and last name, if necessary, and
• the information for which you used this specific plugin (e.g. personal data when sending out group order invitations)
Regarding such data we refer to the terms of the relevant social media operator. We advise you to stay informed about the purpose and extent of the data collection through social plugins. You can block social plugins in your browser settings.
Our webshop, dermosil.com, may contain links to other websites This data protection policy concerns only the webshop dermosil.com. When you move to another website, we recommend that you read the data protection policy for that site. Please remember that Dermoshop is not responsible for the manner how other websites process your data.
12. Changes to data protection policy
Dermoshop is constantly improving its operations and therefore we reserve the right to change our data protection policy, by informing you through our website. The changes can also be related to changes in legislation. We recommend that you regularly read our data protection policy.