Your Data is Secure
Here at Aurora-D.com we are committed to protecting and respecting the privacy of your personal data. This privacy notice explains how your data is collected, used, transferred and disclosed by Aurora-D. It applies to data collected when you use our websites, iOS and android applications, when you interact with us through social media, email, or phone, or when you participate in our competitions or events.
Our commitment to you
We take the protection of your personal data seriously and will process your personal data fairly, lawfully and transparently. This privacy notice describes the personal data we are collecting about you and how it is used.
We will only collect and use your personal data for the following purposes, to:
fulfil your order(s)
keep you up to date with the latest offers
give you a better shopping experience
help us to make our marketing more relevant to you and your interests
improve our services
meet our legal responsibilities
How we keep your data safe and secure
We have appropriate organisational safeguards and security measures in place to protect your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
The communication between your browser and our website uses a secure encrypted connection wherever your personal data is involved.
We require any third party who is contracted to process your personal data on our behalf to have security measures in place to protect your data and to treat such data in accordance with the law.
In the unfortunate event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so.
The personal data we collect
Personal data means any information about an individual from which that person can be identified. It does not include anonymised data, where the identity and identifying information has been removed.
While our website is designed for a general audience, we will not knowingly collect any data from children under the age of 13 or sell products to children. If you are under the age of 13, you are not permitted to use or submit your data to the website.
The following groups of personal data are collected:
Identity Data includes information such as: first name, last name, title, date of birth (optional), occupation, personal description, photo and gender.
Contact Data includes information such as: email address, billing address, delivery address, location, country, telephone number, loyalty programme membership number, and social media id (if you log in by social media).
Financial Data includes information such as: payment card details and bank account.
Transaction Data includes information such as: details of your purchases and the fulfilment of your orders (such as basket number, order number, subtotal, title, currency, discounts, shipping, number of items, product number, single item price, category, tax etc.); payments to and from you and details of other products and services you have obtained from us, correspondence or communications with you in respect of your orders, and details of any rewards and bonuses awarded.
Technical Data includes information such as: details of the device(s) you use to access our services, your internet protocol (IP) address, login data, your username and password, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform.
Profile Data includes information such as: purchases or orders made by you, product and style interests, preferences, feedback, and survey responses.
Usage Data includes information such as: how and when you use our website/app, how you moved around it, what you searched for; website/app performance statistics, traffic, location, weblogs and other communication data; loyalty programme activities; and details of any other boohoo products and services used by you.
Marketing and Communications Data includes information such as: your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
How we collect your data
We may collect personal data about you in the following ways:
Direct interactions – you may give us your Identity, Contact, Financial, Transaction, Profile, and Marketing and Communications data (as described above) by filling in forms, entering information online or by corresponding with us by post, phone, email, telephone or otherwise. This includes personal data you provide, for example, when you:
Create an account or purchase products on our website
Enter a competition;
Join a Aurora-D loyalty programme;
Complete a voluntary market research survey;
Contact us with an enquiry or to report a problem (by phone, email, social media, or messaging service);
Third parties – we may receive personal data about you from various third parties, including:
Identity and Contact data from another individual when they purchase an e-gift card for you or use the "refer a friend" function on our website;
Technical Data from third parties, including analytics providers such as Google. Please see further information in the section entitled ‘Marketing preferences, adverts and cookies’.
Technical Data from affiliate networks through whom you have accessed our website;
Identity and Contact Data from social media platforms when you log in to our website using such social media platforms;
Identity and Contact data from third parties, including organisations (including law enforcement agencies), associations and groups, who share data for the purposes of fraud prevention and detection and credit risk reduction; and
Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
How we use your data
The legal basis for processing your personal data
We will only collect and process your personal data where we have a legal basis to do so. As a data controller, the legal basis for our collection and use of your personal data varies depending on the manner and purpose for which we collected it.
We will only collect personal data from you when:
we have your consent to do so, or
we need your personal data to perform a contract with you. For example, to process a payment from you, fulfil your order or provide customer support connected with an order, or
the processing is in our legitimate interests and not overridden by your rights, or
we have a legal obligation to collect or disclose personal data from you.
How long we keep your data for
We will keep your personal data for no longer than is necessary for the purpose(s) it was provided for and to meet our legal obligations. Further details of the periods for which we retain data are available on request.
Marketing preferences, adverts and cookies
Marketing - your preferences
We may send you marketing communications and promotional offers:
if you have opened an account with us or purchased goods from us, or registered for a promotion or event, and you have not opted out of receiving that marketing (in accordance with your preferences, as explained below);
by email if you have signed up for email newsletters;
if you have provided us with your details when you entered a competition and you have consented to receiving such marketing (in accordance with your preferences, as explained below).
We may use your Identity, Contact, Technical, Transactional, Usage, Profile Data and Marketing and Communications Data to form a view on what we think you may like, or what may be of interest to you, and to send you details of products and offers which may be relevant for you.
We will ask you for your preferences in relation to receiving marketing communications by email, post, SMS and other communication channels.
From time to time we may also include with your order, inserts advertising goods, services or offers from other third-party companies that you may be interested in.
In respect of third party marketing communications, we will obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.
You will always have full control of your marketing preferences. If you do not wish to continue receiving marketing information from us (or any third party, if applicable) at any time:
you can unsubscribe or ‘opt-out’ by using the unsubscribe button and following the link included in the footer of any marketing email; or
account holders may withdraw their consent by simply logging in to My Account and editing your ‘Contact Preferences’.
We will process all opt-out requests as soon as possible, but please note that due to the nature of our IT systems and servers it may take a few days for any opt-out request to be implemented.