Privacy Policy

Last updated on 22 Sept, 2022

What does this Privacy and Security Policy Cover?

Yipp-eCom Limited respects your privacy and is committed to protecting your Personal Data. We want to be transparent with you about how we collect and use your Personal Data in making available this Yipp-e Website, www.yipp-e.com , (“the Site”) and providing our services.

We want to make sure you know what happens to your Personal Data, what your rights are and how the law protects you.

With that in mind, this Privacy Policy is designed to describe:

  • Who we are and how to contact us.
  • Your rights relating to your Personal Data.
  • Marketing communications preferences.
  • What Personal Data we collect.
  • How we use your Personal Data and why.
  • What happens when you do not provide the necessary Personal Data?
  • Personal Data from Third Party Sources.
  • Who we share your Personal Data with.
  • How we keep your Personal Data secure.
  • How long we store your Personal Data.

The Privacy Policy is intended to meet our duties of Transparency under the “General Data Protection Regulation” or “GDPR”. The protection of the personal data and the protection of the personal and financial information of our clients are our top priority. That is why we process your information exclusively on the basis of the applicable legislation, in particular REGULATION (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (better known as GDPR), the Personal Data Protection Act (PDPA) and the Electronic Commerce Act (ECA) and Data Protection Act 2018 (DPA 2018) as it applies in the UK.

Who we are and how to contact us

Yipp-eCom Limited , a company incorporated and registered in England with company number 12318571 and whose registered office is at 71-75 Shelton Street, London, Greater London, United Kingdom, WC2H 9JQ6. , is the Controller of your Personal Data (referred to in this Privacy Policy as either “Yipp-e”, “We”, “Us” or “Our”). You can contact us directly with any privacy-related queries or complaints on our support email: admin@yipp-e.com

Your rights relating to your Personal Data

Under certain circumstances, by law, you have the right to:

  • Request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

  • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it, unless the processing is necessary for at least one of the following purposes, namely:

    1. exercising the right of freedom of expression and information;
    2. for compliance with a legal obligation which requires processing by law to which Yipp-e and/or its processors are subject;
    3. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing or
    4. establishing, exercising or defending legal claims.
  • Object to processing of your Personal Data. This right exists where we are relying on a Legitimate Interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.

  • Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.

  • Request the transfer of your Personal Data. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

How to exercise your rights

If you want to exercise any of the rights described above, please contact us at admin@yipp-e.com. Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights outlined above). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may simply refuse to comply with your request in these circumstances.

What do we need from you?

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights).

This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

We may also contact you to ask you for further information in relation to your request to speed up our response.

How long do we typically take to resolve requests?

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Complaints

If you would like to make a complaint regarding this Privacy Policy or our practices in relation to your Personal Data, please contact us: admin@yipp-e.com.

We will reply to your complaint as soon as we can.

If you feel that your complaint has not been adequately resolved, please note that the GDPR gives you the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office. You can contact them by calling 0303 123 1113.

Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites)

Marketing communications preferences

You can ask us to stop sending you marketing messages at any time by:

  • Following the “Unsubscribe” links on any marketing message sent to you by Yipp-e or Yipp-e Site; and/or
  • contacting us at any time at enquiries@yipp-e.com

Where you opt-out of receiving these marketing messages, this opt-out will not apply to service-related communications (and any processing of your Personal Data involved in sending such communications). As a non-exhaustive list of what these service-related communications may include, they might be emails or notifications:

  • about orders you make using the Yipp-e platform;
  • relating to the management of your account on the Site;
  • about your use of the Site.
  • concerning updates to this Privacy Policy or our Terms & Conditions etc.

What Personal Data we collect

All the Personal Data we collect, both from you and from third parties about you, is outlined in the table below.

The services we provide you with require the processing of your personal data by Yipp-eCom Limited as CONTROLLER, subject to the terms and requirements for the measure for personal data protection under GDPR.

Personal data does not include ‘anonymous data’ (i.e., information where the identity of the individual has been permanently removed).

However, it does include ‘indirect identifiers’ or ‘pseudonymous data’ (i.e., information which alone doesn’t identify an individual but, when combined with certain additional and reasonably accessible information, could be attributed to a particular person).

  • Identity Data

    Your full name, your signature (when you sign for an order or to confirm collection of a return)

  • Contact Data

    Your home address, shipping address, billing address, email address and telephone numbers.

  • Financial Data

    Your bank account and payment card details, including your bank account number, sort code, IBAN, BIC, and bank address. Payment card details will be collected directly by our Payment Processor and we won’t receive them. However, in certain limited cases, we may receive bank account details in the context of administering refunds.

  • Social Media Data

    The profile picture, email address and first and last name associated with your social media profile.

  • Marketing and Communications Data

    Your preferences concerning receiving marketing from us and your communication preferences.

  • Behavioural Data

    Inferred or assumed information relating to your behaviour and interests, based on your online activity. This is typically aggregated and grouped into “segments”

  • Technical Data

    Internet protocol (IP) address, data about log-ins (e.g., the time when a log-in occurs), browser type and version, time zone setting and city-level location (inferred from your IP address), browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website or use our services.

No Special Categories of Personal Data

We do not collect any “Special Categories of Personal Data” about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

How we use your Personal Data and why

We will only use your Personal Data for the purposes for which we collected it as listed below unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your Personal Data for an unrelated purpose, we will update this Privacy Policy and we will explain the legal basis which allows us to do so.

What is our “legal basis” for processing your Personal Data?

In respect of each of the purposes for which we use your Personal Data, the GDPR requires us to ensure that we have a “legal basis” for that use. Most commonly, we will rely on one of the following legal bases:

  • Where we need to perform a Contract we are about to enter into or have entered into with you ('Contractual Necessity').
  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”). More detail about the specific legitimate interests pursued in respect of each Purpose we use your Personal Data for is set out in the table below.
  • Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).

We have set out below, the legal bases we rely on in respect of the relevant Purposes for which we use your Personal Data.

  • To provide the Services

    • Why do we do this

      This processing is necessary to perform the contract governing our provision of the Yipp-e services. This includes:

      • Managing orders and returns (including processing payments and refunds through our payment processor).
      • Passing your information to Retailers and Delivery providers for them to process and deliver your order.
      • Providing customer support.
      • Setting up and managing your account on the Site.
      • Providing any other elements of the Yipp-e services to you.
    • Our legal basis for this use of data

      Contractual Necessity.

      Legitimate interests (where you make an order for someone else) – we have a legitimate interest in processing the Personal Data of the recipient of your order for the purposes of performing the agreement we made with you.

  • Saying sorry

    • Why do we do this

      If something goes wrong with an order or a product is out of stock, we may want to use one of our partners to send you a cookie to say 'sorry'.

    • Our legal basis for this use of data

      Legitimate Interests.

      We have a legitimate interest in trying to maintain a good relationship with you in the event that something goes wrong with your order.

  • Insights

    • Why do we do this

      We record a small percentage of Shoppers’ sessions on the Site to identify issues with the user journeys to ensure the quality of service.

    • Our legal basis for this use of data

      Legitimate Interests.

      It is in our legitimate interests that we are able to monitor certain user journeys to ensure that we can develop and improve the features and functionalities of our Site.

  • Aggregated Data creation

    • Why do we do this

      We may also create, use and share “Aggregated Data” (such as statistical or demographic data) for any purpose. Aggregated Data may be derived from your Personal Data, but once in aggregated form it will not constitute Personal Data for the purposes of the GDPR as this data does not directly or indirectly reveal your identity. For example, we may aggregate Technical Data and Behavioural Data to calculate the percentage of users accessing a specific Site feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data that will be used in accordance with this Privacy Policy.

    • Our legal basis for this use of data

      Legitimate Interests.

      We have a legitimate interest in creating Aggregated Data to use and share for our own business purposes.

  • Compliance, fraud prevention and safety

    • Why do we do this

      We use your Personal Data as we believe necessary or appropriate to:

      • Enforce the terms and conditions that govern the use of the Yipp-e platform;
      • Protect our rights, privacy, safety or property, and/or that of you or others;
      • Protect, investigate and deter against fraudulent, harmful, unauthorised, unethical or illegal activity
    • Our legal basis for this use of data

      Compliance with Law – this will be the case where we have to carry out any of these processing activities in order to comply with a legal or regulatory obligation.

      Legitimate Interests – it is in our legitimate interests to be able to take appropriate steps to ensure that our services are legally compliant, free of fraud and safe for you, us and our businesses to use.

  • Troubleshooting

    • Why do we do this

      To track technical issues that might be occurring on our Site or relating to our services.

    • Our legal basis for this use of data

      Legitimate Interests.

      It is in the legitimate interests that we are able to monitor and ensure the proper operation of our Site and associated systems and services.

  • Security

    • Why do we do this

      To keep our Site, together with associated services and systems, operational and secure.

    • Our legal basis for this use of data

      Legitimate Interests.

      We have a legitimate interest in ensuring the ongoing security and proper operation of our Site, together with associated IT services and networks. This may include ensuring that we are protected from automated spamming, crawling, scraping, denial-of-service attacks and similar operations.

  • Marketing

    • Why do we do this

      We use this information to prepare and send you marketing communications relating to products and services of our Retailers that we think you might be interested in.

    • Our legal basis for this use of data

      Legitimate Interests.

      If you have subscribed to our mailing list, we have legitimate interests in:

      • Sending you marketing communications; and
      • Collecting and using information about your engagement with our marketing emails (e.g., whether you open and/or forward those emails) to make sure that the products and offers that we inform you of are relevant to you.

What happens when you do not provide the necessary Personal Data?

Where you fail to provide Personal Data that we need to process based on Contractual Necessity or for the purposes of Compliance with Law, we may not be able to perform the contract we have or are trying to enter into with you (for example, we may not be able to open your account, we may have to close your account, we may not be able to procure the fulfilment of your order or process a return etc).

Personal Data from Third Party Sources

In addition to the Personal Data that we collect directly from you (as described in the section immediately above this one), we can also collect certain of your Personal Data from third party sources. These sources are broken down in the list below, together with a description of whether they are publicly available or not.

  • Third-party data source: Social Media sites

    • Publicly available? Yes
    • Category(ies) or other types of personal data received: Social Media Data
  • Third-party data source: Analytics Providers

    • Publicly available? No
    • Category(ies) or other types of personal data received: Behavioural Data and Technical Data
  • Third-party data source: Advertising technology providers

    • Publicly available? No
    • Category(ies) or other types of personal data received: Behavioural Data and Technical Data, Marketing and Communications Data

Who we share your Personal Data with

The list below describes who we share your Personal Data with, what we share and why we share it.

  • Recipients: Retailers

    • Why we share it

      So that they can fulfil your order, we need to give your delivery information to Retailers whose products or services you purchase.

  • Recipients: Advertising technology providers

    • Why we share it

      Advertising technology and analytics providers collect this Personal Data via this Site and via our marketing emails so that they can make sure that you see the most relevant content based on how you interact with the Site, other pages on the internet, and our marketing emails.

  • Recipients: Our payment processors

    • Why we share it

      We engage third parties to process your payments for products and services purchased via the Site.

  • Recipients: Our delivery partners

    • Why we share it

      Third parties delivery services can be used to send you your orders.

  • Recipients: Our Hosting Provider

    • Why we share it

      We outsource the hosting of the Yipp-e Site. This means that all categories of Personal Data that we process will be held and stored on the servers of our hosted service provider within the EEA.

  • Recipients: HM Revenue & Customs, regulators and other authorities (as independent Controllers)

    • Why we share it

      Authorities may require reporting of processing activities in certain circumstances.

  • Recipients: Partners in corporate transactions

    • Why we share it

      We may disclose Personal Data to third parties to whom we may choose to sell, transfer, or merge all or any parts of our business or our assets. If we undergo a change like this to our business, then the new owners may use your Personal Data in the same way as set out in this Privacy Policy.

How we keep your data secure

The data we collect from you shall be stored within the European Economic Area (EEA) in compliance with the European legislation, and in particular with REGULATION (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (better known as GDPR). Yipp-eCom Limited has implemented a range of technical and organisational measures for protection of your personal data against loss or other forms of unlawful processing in accordance with Article 32 of GDPR. The personal data are accessible only to those persons who need access in order to perform their work in connection with the fulfillment of our services and / or deliveries. The web-based platform, via which www.yipp-e.com processes your orders, encrypts the information.

How long we store your Personal Data

After the fulfillment of an order and / or delivery and/or service via the Yipp-e Site, or after having given your consent, your personal data shall be stored for the following periods:

10 years for accounting documents as of the beginning of the year following the year in which the accounting document was issued – first and last name, phone number, shipping address

5 years from the fulfillment of a particular order and/or service in view of tracking the fulfillment of each order and resolving all matters related to claims – first and last name, phone number, shipping address, e-mail and user profile.

3 years from obtaining the consent – for e-mails with commercial and advertising messages, information materials, surveys, etc., as well as cookies and Google Analytics, functionality and performance cookies, essential cookies.

Yipp-eCom Limited, 2022

Confirm

Are you sure you want to remove this item from your cart?

Doucal's smart Slip-Ons Cognac

Change Delivery Location

Please enter your post code for delivery estimates