This Privacy Notice sets out the details of how Saiyyidah Zaidi Ltd (“we”, “us”, “our”) as data controller, collects and processes your personal data through our website located at www.saiyyidah.com (“the Website”).
For the purposes of this Notice, personal data means any information that can be used to identify an individual whether directly or indirectly.
Please read through the content of this Privacy Notice carefully and ensure that you understand it. If you do not understand the content of this Privacy Notice or do not accept or agree with it then you must stop using the Website immediately. By accessing the Website and providing us with your personal data you are warranting that you are over 13 years of age.
If you have any questions about this Privacy Notice or require more information concerning our privacy practices please contact us at [email protected].
Our Data Promise to you
Saiyyidah Zaidi Ltd is absolutely committed to respecting and protecting your data whilst it is in our care. We collect your personal information because it helps us to understand your needs and guides the way in which we interact and communicate with you about our products and services now and in the future. We have strict policies and procedures in place to protect your data when you send it to us; when we process it in order to provide you with the services you have requested; or, where you have given us your permission to do so, to send you information that we think you’ll find interesting, and thereafter when we store your data on our secure servers.
We are registered with the Information Commissioner’s Office, the regulator of General Data Protection Regulations (GDPR) and other relevant legislation and abide by its requirements.
What personal data do we process, why do we process it, and how do we collect it
We may process personal data that you provide to us by subscribing to our email list, requesting information through our contact forms, completing questionnaires, or by any other communication via email, text, FB Messenger, or through our Website or other online platforms and social media channels.
We may also process data received from third parties such as Google, Facebook, Pinterest, Instagram, Youtube or other analytic, search, advertising, or online information providers based outside of the EU or Paypal, Stripe or other payment processing providers based outside of the EU.
When we process your personal data we will comply with the relevant data protection laws and principles such as the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”), which means that your data will be used lawfully, fairly and in a transparent way, kept securely and only for as long as necessary for the purposes we have told you about.
We shall only collect and process your personal data for purposes that are clearly outlined prior to you providing us with your data, or for a legitimate reason.
Whenever we process your personal data we do so on the basis of a lawful condition, this will either be because you have given your consent for us to process your data, where we are under a contractual or legal obligation, or where it is in our legitimate interests to do so.
We do not carry out automated decision making or any type of automated profiling.
The types of personal data which we process will vary depending on your own specific circumstances but typically can include:
- Personal Information: which may include your name, date of birth, email address, phone number, business contact details, correspondence address, IP address. We shall process this data for the purposes of communicating with you and keeping our records on the lawful grounds of legitimate interest;
- Customer or Client Information: should you purchase goods and/or services from us then we may process information in connection with your purchase, and the supply of that purchase, as well as keeping appropriate records. Such information may include your Personal Information, billing address, delivery address, credit card or other payment details and we shall process it on contractual grounds;
- User Information: this may include comments or statements that you may make or post via our Website, online platforms or social media channels, images, documents or videos that you share on or through our Website or through any of our pages or other online platforms, and information concerning your use of our Website or other online platforms such as your browser information, pixel ID, page views, pages visited, number of visits and where appropriate log-in details. We shall process this information to analyse and monitor usage and content of our Website and other platforms and channels to ensure the content is relevant to you, to support our administration and record keeping requirements, and to maintain security of our systems on legitimate interest grounds. You may give us information about other people, such as the name and email of a contact if you are attending an event or the name and address of a gift subscription recipient. Please ensure that you are authorised or have the person’s permission to do so.
- Promotional Information: this may include information you provide in connection with any promotions, marketing or advertising from us or our third parties. We shall use this information to provide relevant offers and advertisements, competitions and promotions and other free resources and to monitor our promotional activity, keep records and compile analytics on legitimate interest grounds.
We may also process your personal data to deliver or send relevant advertisements to you through our Website and other online platforms and to analyse the success and effectiveness of such adverts for our legitimate interest purposes of promoting and growing our business.
How do we keep it secure?
We hold your personal data on secure systems, Our staff are trained in data security, and our staff policies and procedures help our staff to understand what is required of them under their obligations to us, and also their responsibilities under GDPR and other privacy legislation.
How do we collect Personal Data?
We collect your details when you register on one of our websites; subscribe to our service; place an order on our website; search for a product; correspond with us by phone, e-mail or otherwise; register to attend one of our events; participate in discussion boards or other social media functions on our website; enter a competition or promotion; apply for a job.
Sensitive Data - We do not collect any sensitive data about you. Sensitive data includes data relating to your health, race or ethnicity, political opinion, religious or philosophical beliefs, trade union membership, genetics, biometrics, sex life or sexual orientation. We do not process any data relating to criminal offences and convictions.
With regard to each of your visits to our websites we may automatically collect the following information:
- technical information, including the Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
We will always be transparent about how we plan to use your data so that you have the choice whether or not to give it to us. We respect your preferences and will do our best to make sure that we keep our promises.
If you give us your consent to send you further marketing messages we may contact you from time-to-time with carefully selected offers and promotions from our network of carefully selected partners, from which you may always opt-out or unsubscribe. It is not our practice to contact you if you have made it clear that you do not wish to hear from us about our products and services.
We may need to authenticate your identity to provide you with access to subscriber-only services. We might also send you surveys or invite you to enter a competition or receive a newsletter, for instance. If you do not wish to participate you may simply decline our invitations.
To understand how our websites are used we may use the service Google Analytics to provide us with anonymous statistical information about your use of our website(s).
As part of our Google Analytics tracking we have implemented the following features:
Remarketing, Google Analytics Demographics and Interest Reporting.
Visitors can opt-out of Google Analytics for Display Advertising by visiting here https://tools.google.com/dlpage/gaoptout/
We use this information for reporting purposes and to advertise online. Third-party vendors, including Google, may show your ads on sites across the Internet. We may use the cookies relating to Google Analytics together with third party cookies to inform, optimise and serve ads based on a user’s part visits to our websites.
How do we use your Personal Data?
Fulfillment of a service - We will use your personal data when fulfilling a product or service that you have requested. For example, when you subscribe to a magazine; register to access online content; register to attend an event; enter a prize draw/competition or apply for a job.
Marketing - We will only send you direct marketing when you have either provided consent for example by ticking a box or where we believe we can demonstrate a legitimate interest and have balanced this with your interests and privacy. You can opt out of receiving direct marketing at any time by clicking on the unsubscribe link on our emails or emailing us. Where we contact you through email, we shall ensure that our emails clearly display the location of the sender and include clear options for you to opt-out from receiving contact from us in accordance with the CAN-SPAM Act.
Events - If you register to attend, sponsor or exhibit at one of our events such as consumer events, a B2B event such as a conference; awards or round-table events, we will share your details such as your name, job title and company name, with the events sponsors to ensure that the activity is specific to the audience and suppliers of event services. We also may share the delegate list with the venue for health and safety purposes.
Please note that at some events photographs and video footage may be taken and used for post event publicity. If you have any objection please email us.
Do we share that data with any other companies?
If you send in a comment, we may post it on our site or use it as a testimonial without mentioning your full name or publishing any information that would identify you. Furthermore, in some circumstances we may display some of your information such as your username and age. Others may be able to see your personal data if you post any information on bulletin boards or forums and may be used to send you unsolicited communications over which we have no control.
We may share some of your information with advertisers, ad servers and ad networks to deliver targeted advertising both on our websites and on selected partner websites but this will not include any information which directly identifies you. However, by interacting with or viewing an advert, you should be aware that the third party may make the assumption that you meet the targeting criteria used to display the advert.
Please take care when using social networking sites to which we may invite you to join that you do not disclose anything that you might later wish to retract.
There are certain times when we may have a legal obligation to disclose your data in good faith where it is required by law or to respond to subpoenas or warrants served on us, or where we have a requirement to protect or defend the rights of Saiyyidah Zaidi Ltd or any users of our servers. We will always ensure that those requesting the information have the legal right to do so.
We may use any of the following external service providers to support our business and may share your personal data with those third parties:
We understand that all of these third parties have appropriate technical and security processes in place to protect your data.
We may also share your personal data as follows:
- where it is necessary for external service providers who have been engaged by us to assist in the provision of services to our clients and customers;
- where it is required by our professional support teams;
- where we are required by a government body or legal obligation or to protect our rights;
- where it is required in connection with the sale or purchase of any business or assets;
- with any other member or company of our group.
Where we have outsourced a function or activity to an external service provider, we will only disclose personal data that the service provider needs to undertake that function or activity, and we require external service providers to agree to keep your personal data secure in accordance with the relevant law.
We agree not to share your personal data with any third party for that third party’s marketing purposes unless we have obtained your consent to do so.
Using our websites from outside the UK
Our servers are situated in the USA and when you submit your details and in whichever country you are situated you agree to the data being transferred and processed there. If you are not in agreement with this, please do not add your personal details on the website.
Transfer of personal data
Our Website is located within the USA and when you submit your details and in whichever country you are situated you agree to the data being transferred and processed there. If you are not in agreement with this, please do not add your personal details on the website.
We also comply with the Internet laws applicable to the United Kingdom which includes the GDPR. Your data may be processed within the United Kingdom.
We may also transfer your data to a third-party service provider which requires your data to be transferred outside of the USA/EEA. Where your data is transferred outside of the USA/EEA by our third-party service providers, we understand that they comply with the following standards relating to the security of your personal data:
- Infusionsoft uses the EU Model Contract which governs the lawful transfer of data from the EEA to countries outside of the EEA. In respect of any payment or financial information Infusionsoft also complies with the Payment Card Industry Data Security Standards;
- Facebook complies with the General Data Protection Regulation and is certified under the Privacy shield for data transfers;
- Google complies with the General Data Protection Regulation and is certified under the privacy shield for data transfers. Google also complies with the Payment Card Industry Data Security Standards;
- Paypal relies on Binding Corporate Rules approved by competent Supervisory authorities;
- Stripe is certified under the EU-US Privacy Shield as well as EU Standard Contractual Clauses and Binding Corporate Rules.
- Zoom is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield;
- Whatsapp is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield;
- Leadpages - follow industry standard for securing data. Please see their privacy page (https://www.leadpages.net/privacy);
- Kajabi - participates in the EU-U.S Privacy Shield Framework (“Privacy Shield”);
- Instagram complies with the General Data Protection Regulation and is certified the Privacy Shield for data transfers;
- Twitter - complies with the EU-US and Swiss-US Privacy Shield;
Where we transfer data to parties not listed above that are outside of the USA/EEA then we will ensure that at least one of the following conditions is met:
- You have given your express consent;
- The country has an approved adequate level of protection for personal data;
- It is legally required;
- It is authorised by the relevant data protection authority.
The information we may collect from you about others
Leaving our website and moving on to third party websites
Cookies and how we use them
- To provide you with a more personal and interactive experience on our sites.
- For statistical purposes to track how many users we have and how often they visit our websites.
- We use organisation to collect anonymous user information so they can analyse how the website is being used and the number of visitors.
- We and our advertisers may use statistical cookies to track who has seen an advert and clicked on it.
- To show you adverts that you may be interested in and to control the number of time you see them and measures the effectiveness of the ad campaign.
- We may use ‘Flash’ cookies to store your preference for your media player. If we do not use them, it may not be possible for you to watch some video content.
You have the ability to accept or decline cookies, when you use the website for the first time via “see all options” link on the “pop up” banner, but please be aware that for some parts of our sites to work, you will need to accept cookies.
Opting out on Receipt of Email Marketing Communications Email
If you receive a marketing email from one of our brands, you will have the option to “opt-out” by clicking on the unsubscribe link provided at the bottom of each and every message we send you. If you wish to unsubscribe from all brand lists please contact us. Please be aware that this will not unsubscribe you from our service based messages, such as subscription rewards and subscription reminders. If you wish to be opted out of reward emails, please contact us
Telephone and Mailing Preference Services
The Telephone Preference Service (TPS), the Corporate Telephone Preference Service (CTPS) and the Mailing Preference Service (MPS) allow you to choose to opt out of unsolicited marketing. However, if you are registered on any of the preference services, which are general opt-out registers, you may still receive marketing communications from us if you have given us your consent previously or if you subsequently give us that consent or if we are contacting you under legitimate interests.
Marketing to Children
We do not knowingly collect personal information from children under the age of 16 for marketing purposes.
How you can gain access to the personal data we collect about you
You have the right to see what information we hold about you and the purposes for which we are using it. This is known as a Subject Access Request. In responding to such a request, we may ask for proof of your identity, to ensure that we do not send you personal data to another person. We will respond to any requests as soon as possible, but at least within 30 days. Should you wish to send us a Subject Access Request you can do so by emailing us.
Amend your personal data
You may ask us to make any changes that you consider necessary to make the information accurate, please let us know and we will rectify this as soon as possible. Please email us in order to make any amendments.
We will require that you satisfactorily identify yourself to demonstrate your entitlement to view this data.
Delete your personal data
If you wish for your personal data to be deleted we will review any request on a case-by-case basis. We will respond to you as soon as possible, at least within 30 days of receiving your request.
How long do we keep your personal data?
We hold personal data for different purposes and the length of time we keep your information will vary depending on the services or products we are providing. We will only keep your data for a reasonable period of time, which is based on the purpose for which we are using your data. Once that purpose has been fulfilled, we will securely delete that data or anonymise your information (so that we, or anyone else, can no longer tell that data relates to you) unless we are required to retain the data longer for legal, tax or accounting reasons.