Personal data from correspondence – email and contact form
Effective communication between us and the customers and visitors of mylipfiller.com requires that we request some basic amount of personal information. Whenever a customer contacts us through the contact form or emails us directly, we may require such personal data as name, address, email address, phone number, payment details, company information, VAT number, shipping details and more, in order to give back the most accurate reply to the customer’s enquiry, provide them with the necessary information or receive/fulfill their other or any related action. The information provided by clients in their correspondence with us is completely confidential and never provided to a third party.
What are cookies?
“Cookies is a term that refers to small files stored inside the users browser, containing data about the user’s browser, device and possibly their browsing actions and history. Cookies allow the systems of a website to recognize a user, store information about them between sessions (i.e. after the browser has been closed and then reopened) or to retain information for the duration of a single session, to allow the normal functioning of the shopping experience – retain products in the card, keep the user logged into the system, retain the billing and shipping information.
There are two types of cookies. Some are absolutely necessary for the operation of a website and they cannot be disabled by the user. Our store needs such cookies, so our integrated cart system, as well as the user accounts can function and customers can make and finalize their orders without issues. No personal data will be contained in these cookies, like your name, address or IP, for example. These only allow for a convenient user experience, without containing actual user information and such will expire upon ending the session.
The cookies used by the shopping cart – WooCommerce, regarding the items added to your basket, will be retained for up to a month in your browser (unless you manually clear them), but they hold no actual personal information and only tell our site what products you previously added to the basket, solely for your convenience.
Cookies related to your logged in status are also stored inside the browser for up to a month. Again, they hold no actual personal information and only enable your browser to automatically log into your user account. Please note they can either be manually deleted, expire within a month or will be deleted once you log out of your user account. Please be sure to not leave your account logged on a computer which is not used only by you or any other public device.
Third party cookies
“Third party” cookies are the ones defined by not being issued by our system to your browser directly and not directly related to the shopping and browsing experience of mylipfiller.com. Such may be the cookies from an embedded video or other media, as well as some Google services. We’ve tried to limit all third party cookies to user consent, which is why all videos on the website, embedded from other platforms, like YouTube require additional confirmation and cookie notification. Further, Google issued cookies, related to Analytics, while enabled by default, can be disable along with Google Analytics, through the Privacy Settings menu.
Other third party cookies included cookies necessary during card checkout, issued by our checkout service provider. They are completely safe and will expire immediately after the transaction is complete, while no card information will be available to us or our system, so the checkout is completely secure.
Embedded media and other content
Embedded content is generally displayed in a iframe html element. Iframes are essentially an embedded window displaying content from another website. We do not have any direct control over such content or it’s publisher. Thus third party cookies from embedded content cannot be directly controlled by us. However, we will try to limit all embedded content to videos from YouTube and similar services and you will be notified and will have to give your consent to third party cookies from the specific media site, before you can view and play the embedded content.
Our main tool for data collection and analysis of customer shopping behavior is Google Analytics. This is a third party service offered by Google, which allows the collection, comparison and further analysis of customer and visitor behavior on the website. It’s functionality is strictly limited to site usage of mylipfiller.com. No personal data s collected by Google Analytics. All data collected with Google Analytics is only used for improving the browsing and shopping experience and development of marketing strategies. No private or personal data is kept. No private or personal data is collected and provided by Google or provided to third parties.
Data collected via Google Analytics is only accessible by us and Google. It cannot be transferred, provided or resold to any third party. All IP addresses are anonymized, via obscuring their last several digits, making physically locating the user via their IP address impossible. Geo-location is active on this website, in order to display prices in local currencies, but it’s usage is limited only to our system, no so full IP data will be shown in Google Analytics.
Your personal data will never be shared with third parties. All personal data submitted during correspondence with us or when making an order is kept completely safe. Date you submit during checkout, including your card information is completely secure and your card details are handled by the checkout company directly, being inaccessible even to us.
Site usage data is available to both us and Google as we use Google Analytics for collection and analysis of customer browsing experience and site usage behavior. Browsing data will never be provided by us or Google to any third parties.
Data retention period
Active user accounts and their personal data are kept indefinitely. Inactive user accounts, along with their data are deleted automatically after 5 years of inactivity. Orders and order information are retained for 5 years.
The above does not include situation where there is a problem that needs to be resolved – like due payment or other issue with the order, as well as cases where we are obliged to retain the information about the user or order for an extended period of time.
Customer rights on their data
As an EU based entity we are bound by EU laws and GDPR, specifically. Any user of our website, regardless if EU based or not, can request to receive the full collection of personal data that is being kept on our website (please note this does not include email messages, correspondence and messages sent through the contact form, as such are not kept on our web server). As a customer you have the “right to be forgotten”, giving you the ability to have any EU bound website online to not only provide you with all information about you on their system, but also to delete that data as per your request.
Requesting personal data
You can make a request to received or to have your entire personal data deleted using our email address – firstname.lastname@example.org. Please note the request must be made from the same email account you used to register in our website or left as contact information when ordering as a guest. If you are unable to use that account, please contact us, so we can discuss what other method of verification you can use to verify your identity.
Tel: +1 (929) 322-1217
Data handling procedures and policies
Private and personal data protection
Your personal details and information, including name, phone number, address, email, company information, or any other sort of data which can be considered personal, is only accessible to our company and employees. We will never sell, transfer or otherwise provide personal data to any third parties.
We have taken all necessary measure to make our website and the server it is hosted on sufficiently safe against common online attacks and security breaches
Please note that you are responsible with both using a strong enough and difficult to guess password to protect your user account on our website. You must also use a secure enough email for contact and restoration of your password. We are not responsible for security breaches that are the result of customers using weak/easy to guess passwords, passwords that have been stolen directly from the user or via taking control of their email account.
Procedures in case of a data breach
While we have taken all reasonable measure to protect our web server, website and the data of our customers, data breaches are always a possible risk. Should the unlikely and unfortunate event of a data breach or other security issue regarding the access of unauthorized third parties to user data or the potential of such access, we will immediately notify all affected or in risk users. You may be required to provide us with your assistance, including changing your password and password recovery email.
Automatic data handling
Data regulating institution
In case of a dispute which cannot be settled between us and the customer, regarding data handling, they can turn to our local EU data regulator: