The AAA (the “site” or “we”) are committed to protecting the privacy of the personal information we collect when you visit or make a purchase from https://www.theaaa.ch (“the Site”). This policy outlines our ongoing obligations to you in respect of how we manage your personal information.
1. WHAT IS PERSONAL INFORMATION AND WHY DO WE COLLECT IT?
Personal information identifies you as an individual. Examples of personal information we may collect from you include:
- name, date of birth and gender;
- delivery address;
- E-Mail address;
- the date and time you accessed the Site;
- telephone number; and
- information you provide us through entering competitions.
Furthermore, we may collect the following information:
- log-in details and information you provide when setting up an account on the Site (“Login Information”)
- information you provide to us related to your account or profile with us (“Account Information”);
- contact information we collect from you (for example, your name, address, telephone number, E-Mail address) (“Contact Information”);
- information we collect which relates to orders you have placed with us, including products you have ordered, shipping destinations, the price of products you have ordered and any customization (“Order Information”);
- information provided relating to payment (“Payment Information”), but please note that credit or debit card information may be supplied directly to a third party payment processor who will process the data in accordance with their own privacy notices or policies;
- a record and details of any correspondence or communication between you and us or relating to any complaint submitted to us (“Communication Information”);
- details of your visits to the Site, the resources and pages that you access and any searches you make (“Technical Information”).
- Generally, we collect personal data directly, but we may obtain data from third parties from time to time including database owners. For instance, we may license data from a postcode database in order to ensure efficient shipping. If we do obtain your personal data from a third party your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this notice.
- You do not have to supply any personal information to us, but the Site may not be operable without providing data to us. We will not be able to fulfil an order without collecting some personal data from you.
- You may withdraw our authority to process your personal data at any time, but we will be entitled to complete any orders we are processing at that specific moment of time, and we may need to withhold some personal data for legal or other reasons
When you visit the Site, we automatically collect certain information about your device, which includes your web browser, IP address and time zone. Any personal details and account information are held on a securely encrypted server hosted by www.shopify.com. We retain some of these records to fulfil your online purchases and to improve your overall website and customer service experience with us.
In addition to the above, we also collect certain information about the products that you view, what search terms referred you to the Site, and further information about how you engaged with the Site. The purpose of collecting such information is to optimize your experience when revisiting the Site.
When you visit the Site, the Site sends a cookie to your device. That device will then automatically store the cookie in a file which is located within your web browser. Accordingly, when you revisit the Site, it will respond in a more personalized way, remembering your preferences and enhancing your shopping experience.
A cookie is a small amount of information that’s downloaded to your computer or device when you visit certain websites. We use several different cookies including strictly necessary, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
Some cookies are necessary to allow you to browse our website, use its features, and access secure areas. The use of these cookies is essential for the website to work. For example, we use user-input cookies for the duration of a session to keep track of a user’s input when filling in forms that span several pages.
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device. See the section below on how to control cookies for more information on removing them before they expire.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible. Most browsers automatically accept cookies, but you can choose whether to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu.
“Log files” are used to keep a registry of events and communications between software applications and the operating system.
Web Beacons are used in conjunction with cookies for the purpose of generating statistics about how the Site is used, for example, to count the number of customers that have visited a certain page.
You may unsubscribe from our mailing and marketing lists at any time by clicking the “unsubscribe” link at the bottom of each email you receive from us or by emailing us at email@example.com
2. USING YOUR PERSONAL INFORMATION
We collect your personal information for the primary purpose of managing the delivery of our services and products, including fulfilling and delivering any orders placed through the Site and for internal business processes such as developing marketing plans, gathering analytics about how our customers interact with the Site and establishing promotional material which may be of interest to you. We may also use your personal information for secondary purposes closely related to the primary purpose in circumstances where you would reasonably expect such use or disclosure, such as to communicate with you, to assess the performance of the Site, or to screen our orders for potential risk or fraud.
3. THIRD PARTIES
Any third parties retained by us to perform functions on our behalf may be provided with access to personally identifiable information necessary to perform their functions, but may not use that information for any other purpose, unless you have otherwise agreed. For example, we use Shopify to operate and manage our online store, and use Google Analytics and Google Search Console to help us interpret how you and other customers engage with the Site. As aforementioned, we encourage you to familiarize yourself with our third-party providers’ privacy policies and ensure you are comfortable with any particular privacy policies governing the use of those websites.
4. DISCLOSURE OF YOUR PERSONAL INFORMATION
Any information, including your personal information, may be disclosed by us where we deem necessary, and in our sole discretion, where required or authorized by law. As noted herein, we may use your personal information to provide you with marketing communications and targeted advertising which may be of interest to you. However, we do not share, sell or exchange your personal information with any individual or company, outside of what is disclosed within this policy.
5. SENSITIVE INFORMATION
Sensitive information is defined in the Act to include information about such things as an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual preference and health status. We do not collect sensitive information as that term is defined within the Act.
6. SECURITY OF YOUR PERSONAL INFORMATION
We are committed to protecting the privacy of your personal information. Accordingly, your personal information is stored in a manner that reasonably protects it from misuse, loss or disclosure. Please note that third party recipients of personal information have their own privacy policies and we are not responsible for their actions. Should you have any questions or concerns about security regarding the Site, please contact us by email at firstname.lastname@example.org
7. ACCESS TO YOUR PERSONAL INFORMATION
You may access the personal information we hold about you and request that it be updated or corrected, subject to certain exceptions provided under the Act and otherwise. Should you wish to access your personal information, please contact us by email at email@example.com or by telephone on +41 27 322 71 71.
In order to protect your personal information, we may require identification from you before releasing the requested information.
8. LEGAL BASIS
In accordance with the General Data Protection Regulation (“GDPR”), if you are located in the European Economic Area (“EEA”), we process your personal information under the following legal bases:
• Your consent;
• The performance of the contract between you and the Site;
• Compliance with our legal obligations;
• To protect your vital interests;
• Perform a task of public interest;
• For our legitimate interests, which do not override your fundamental rights and freedoms.
When you place an order on the Site, we will retain your personal information for our records, unless and until you ask us to delete this information. For more information on your right to erasure, please see the “Your rights” section below.
Automatic decision making
If you are in the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), where that decision-making has a legal effect on you or significantly affects you.
We DO NOT engage in fully automated decision-making that has legal or otherwise significant effect using customer data.
Our processor Shopify uses limited automated decision making to prevent fraud that has no legal or otherwise significant effect on you.
Services that include automated decision-making elements include:
• Temporary deny list of IP addresses associated with repeated unsuccessful transactions. This denies list persists for a small number of hours.
• Temporarily deny list of credit cards associated with denied IP addresses. This denies list persists for a small number of days.
If you are a resident of the EEA, you have the right to access the personal information we hold about you, to transfer it to a new service and to request that your personal information be corrected, updated or deleted. If you wish to exercise these rights, please contact us using the contact details: firstname.lastname@example.org
Your personal information will initially be processed in Ireland and then transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on GDPR data transfer compliance, see Shopify's GDPR whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.
GDPR relevant data
Company name: Alaïa SA
Postal address: Route de Crans 81, 1978 Lens, Switzerland
Telephone no. +41 27 322 71 71
E-mail address: email@example.com
VAT number: CHE 374.281.299
Data Controller: Alaïa SA
Data Processor: Shopify Inc
Purposes of data processing: As a visitor to our website, you agree that we may analyse your data via apps such as Google Analytics or Google Search Console. This data is anonymous and we do not share it with third parties. We do not actively store any data relating to your website visit. We are not transferring data to other organisations or countries.
11. POLICY UPDATES AND CHANGES
We reserve our right to revise and amend this policy from time to time at our own discretion and without notifying you. For example, this policy and our privacy practices may be amended in order to comply with operational, legal or regulatory processes. Any revised policy will be available on the Site, and we suggest that you consult the policy on a periodic basis to review and consider any changes.
Should you have any questions or concerns in relation to this policy or our privacy practices, or for access to your personal information, please contact us by email at firstname.lastname@example.org or by telephone on +41 27 322 71 71.
We remain committed to protecting the privacy of your personal information and will continue to improve and develop our privacy practices so that your visit to the Site is an enjoyable experience.
Route de Crans 81
1978 Lens, Switzerland