I. About this Privacy Notice
1.1. This is the privacy notice (“Notice”) of DOXA Watches UK, c/o The Blue Company London Ltd, 497 Battersea Park Road, London, SW11 4LW (“DOXA”, “we", “us”, “our”). DOXA is the data controller for the purpose of this Notice.
1.3 The personal data that we collect about you depends on the context of your interactions with us, the products. services and features that you use, your location, and applicable law
1.4. We will post any changes we may make to our Notice on this Website or communicate them to you by email
1.5 This Notice complies with both Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
1.6. The Notice currently in place dates of 10.08.2022.
II. Data protection principles
2.1 We will comply with applicable data protection law that states that the personal information we hold about you must be:
- used lawfully, fairly and in a transparent way;
- collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- relevant to the purposes we have told you about and limited only to those purposes;
- accurate and to the extent appropriate, kept up to date;
- kept only as long as necessary for the purposes we have told you about; and
- kept securely.
There are more sensitive types of personal data which require a higher level of protection, known as ‘special categories’ of personal data under the General Data Protection Regulation (GDPR).
2. Information we may collect from you
2.1. We collect personal data, that you provide to us, such as by filling out a contact form, registering for an account, using interactive features, subscribing to a service, participating in a marketing promotion, ordering a product or a service, requesting information and/or material or complete surveys, information submitted as part of a support request, comments or forum posts, etc. Such personal data may consist of:
2.1.1. contact information (such as name, postal address, gender, email address, and mobile or other telephone number);
2.1.2. purchase and transaction information;
2.1.3. payment information (such as your payment card number, expiration date, authorization number or security code, delivery address, and billing address);
2.1.4. customer service information (such as customer service inquiries, comments, and repair history);
2.1.5. username and password;
2.1.6. information regarding your personal or professional interests, date of birth, marital status, demographics, and experiences with our products and contact preferences;
2.1.7. photographs, comments, and other content you provide;
2.1.8. contact information you provide about friends or other people you would like us to contact; and
2.1.9. information we may obtain from our third-party service providers.
2.2 We collect metadata, for example details of your visits to the Website, such as traffic data, location data, IP address, browser information, session data, preferences, settings, weblogs and other communication data, which we monitor during your interaction with the Website and any other relevant information that is automatically sent to us by your web browser or device,
3. On which basis do we process your personal data?
3.1. We process your personal data for the purposes indicated or obvious at the time of collection and
3.1.1. to which you have agreed, for example by checking a box; or
3.1.2. for which we are required by applicable laws, for example to comply with data retention requirements regarding data relevant for financial reporting; or
3.1.3. which is necessary for the performance of a contract, for example if you order items; or
3.1.4. for which we rely on other legitimate interests, which include:
- gathering market intelligence, promoting products and services, communicating with and tailoring offers to you;
- delivering and improving our products or services;
- management of customer, client, vendor and other relationships, sharing intelligence with internal stakeholders, implementing safety procedures, and planning and allocate resources and budget;
- monitoring, detecting and protecting the organisation, its systems, network, infrastructure, computers, information, intellectual property and other rights from unwanted security intrusion, unauthorised access, disclosure and acquisition of information, data and system breaches, hacking, industrial espionage and cyberattacks;
- protecting and developing industry standards; sharing intelligence about individuals or concerns that may have a negative or detrimental impact; and following industry best practices; or
- complying with industry standards, regulators’ requirements and other requirements related to fraud prevention and anti-money laundering.
- Sharing of information with partners or third parties is only done so where consent has been provided.
4. For which purposes do we process your personal data?
4.1. We process your personal data for the following purposes:
4.1.1. If you fill out a contact form providing your name, email-address, telephone number, preferences, etc., we use your data for answering your questions, sending you information or performing other tasks you ask us to.
4.1.2. If you register an account with us, then we process the data required to open that account, for example your name, address, email-address, password, profile picture, third party account data (if you register using your Facebook account or other social media account, for example), etc. to allow your registration and management of your account.
4.1.3. If you use our interactive features, we process the data required to use these features to allow you and manage their use, for example, your name and email-address to appear in a ranking and to send you updates regarding the online game in which you participated.
4.1.4. If you are an existing customer, we may send you advertisement about our products and services using, for example, your name and postal address.
4.1.5. If you subscribe to a service like our newsletter by providing us with your email-address and name, then we use this data for sending you our newsletter.
4.1.6. If you participate in a marketing promotion, then we use the data we require from you to allow your participation, for example, to manage your invitation for an event or to determine and contact the winner of a contest.
4.1.7. If you order a product, material or a service, we need and process the data required to fulfil your order, such as your name, telephone number, delivery address, credit card information, email-address, etc., for example to confirm your order, process your payment, check credit scoring, deliver the ordered items and contact you for delivery purposes.
4.1.8. If you answer one of our queries and provide us personal data such as name, age, occupation, etc., then we use this data to analyse the query results and draw conclusions therefrom.
4.1.9. If you consent to receive marketing information where prompted, then we use your data to send you promotional materials and other communications, to communicate with you about, and administer your participation in, special events, contests, sweepstakes, programs, offers, surveys and market research, to provide advertisements to you about our products and services, to tailor your use of the Website, marketing experience, and communications according to your preferences and our terms
4.2. We may process your personal data in a centralized system that allows enhancing your brand experience by tailoring our communication and marketing efforts to make them as relevant and useful as possible for you (profile building). For this we may process, match and enrich your personal data with data received from your interaction with us or from third parties. For example, if you tell us your age, income, hobbies or travel activities then we may mirror this data against your purchase behaviour and other information we have obtained from you in order to approach you with offers, invitations or promotions that we believe specifically fit your interests.
4.3. We process metadata that we collect from you to improve our website, analyse traffic pattern and Website usage, for targeted marketing, to develop and analyse statistics and demographics, or optimize our online presence and marketing efforts.
4.4 We will only use your personal information for the purposes for which we collected it or as otherwise described in this privacy notice, unless we reasonably consider that we need to use it for another reason and that another reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. To whom do we disclose and transfer your personal data (Data Sharing)?
5.1. We may disclose your personal data to the following recipients or categories of recipients for them to use the data on their own behalf and under their own control (controllers):
5.1.1. Our brand headquarters DOXA Uhren AG, Rue de Zurich 23A, 2500 Biel/Bienne, Switzerland (“Brand HQ”);
5.1.2. Our appointed representative for DOXA Uhren AG in the United Kingdom: The Blue Company London Ltd, 497 Battersea Park Road, London, SW11 4LW (The Blue Company London).
5.2. We may disclose your personal data to the following recipients or categories of recipients acting on our behalf and/or as partners (processors), limited to the purpose of the execution of their obligations, which are contractually bound to adhere to an adequate level of data protection when processing your personal data (for example to fulfil orders, deliver packages, process credit card payments, provide customer service, send postal mail and e-mail, store and process data, host websites, remove repetitive data from customer lists, analyse data, provide marketing assistance, execute customer satisfaction surveys, provide customized advertising):
5.2.1. DOXA Uhren AG;
5.2.2. Brand HQ;
5.2.3. Our appointed representative in the United Kingdom “The Blue Company London”;
5.2.4. Our third party service providers.
5.3. We may disclose your personal data to an acquirer if DOXA Uhren AG or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
5.5. We may internationally transfer your personal data, including to countries that are not considered providing an adequate level of data protection by the relevant regulatory bodies, for example to countries not considered by the European Commission or the Swiss Federal Data Protection and Information Commissioner to be providing such level. In such case, we ensure the adequate protection of your personal data by having the recipients adhere to binding contractual obligations in accordance with applicable standards approved by the relevant regulatory bodies or by relying on other safeguards, such as self-certifications, approved by the relevant regulatory bodies. You may contact us for a copy of the contractual and other safeguards in place (see section 9 below).
5.6 We seek to share your personal information with third parties only where we believe it is necessary or consistent with our legitimate interests, including to third-party service providers
5.7. This Website may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
5.8 We require third parties to respect the security of your personal information and to treat it in accordance with the law. We use a range of third parties from time to time to provide a wide range of services, including telecoms, IT, courier, HR, security, legal, accountancy, data, and catering services.
5.9 If we transfer your personal information outside the UK and European Economic Area, you can expect a similar degree of protection in respect of your personal information.
6. For how long do we process your personal data?
We process your personal data:
- until you withdraw your consent for future processing, for example until you unsubscribe from our newsletter or delete your account with us;
- we will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
- for as long as you remain our business partner plus ten years, unless we can rely on another justification, have informed you otherwise or you have given your consent for a longer retention period;
7. What are your rights?
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
7.1. You have the right:
- to request from us access to and rectification or erasure/deletion of your personal data;
- to request us to restrict the processing of your personal data, in particular to object to the processing of your personal data for direct marketing purposes; and
- to request from us to provide you or any person you authorise or entity you appointed with a digital file of your personal data (data portability).
7.2. You may withdraw your consent that allows us to process your personal data for the indicated purposes at any time.
7.3. To exercise the above rights, you may contact us as indicated below.
7.4. You also have the right to lodge a complaint with the competent authority.
7.5 You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may, where the relevant law permits, charge a reasonable fee if your request for access is clearly unfounded or excessive (for example, for repeat copies). Alternatively, we may refuse to comply with the request in such circumstances.
7.6 We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
8. How can you contact us?
For any questions or to exercise your rights, you may contact us as follows:
Postal address: DOXA Watches UK, c/o The Blue Company London, 497 Battersea Park Road, London, SW11 4LW
9. Updates to this policy
So that we can offer you the best possible online experience, new services using cookies may be added to our site from time to time. We aim to keep the cookies information provided here as accurate as possible and use all reasonable efforts to regularly review and update the details. When we update these details we will post changes on this page or on other pages of our Site or let you know about changes in our communications with you.