- Introduction and Data Controller
This Privacy Policy sets out how www.overoloasis.com (referred to as “the Company”, “we”, “us”, or “our”) collects, processes, and protects your personal data when you visit our website or purchase our women’s overalls.
For the purposes of the United Kingdom General Data Protection Regulation (UK GDPR) and the European Union General Data Protection Regulation (EU GDPR), the data controller responsible for your personal information is the corporate entity operating as www.overoloasis.com.
- The Data We Collect
We may collect, use, and process different categories of personal data about you, which we have grouped together as follows:
Identity Data: Includes first name, last name, and title.
Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
Financial Data: Includes payment card details necessary to facilitate your transaction.
Transaction Data: Includes details about payments to and from you and other details of the products you have purchased from us.
Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, and operating system.
- How We Use Your Personal Data
We will only use your personal data when the law allows us to do so. Most commonly, we will use your personal data in the following circumstances:
Performance of a Contract: Where we need to process your order, manage billing, and arrange the physical delivery of your items from our United Kingdom facility to your specified address.
Legal Obligation: Where we need to comply with a legal or regulatory obligation, such as retaining financial records.
Legitimate Interests: Where it is necessary for our legitimate business interests, provided your interests and fundamental rights do not override those interests.
- Payment Processing
To facilitate retail transactions, we utilise Stripe as our designated payment processor. When you place an order, your Financial Data is transmitted directly to Stripe for the purpose of authorising and completing the transaction. We do not store your complete payment card credentials on our internal servers. Stripe processes your financial information under their own privacy protocols, fulfilling the required financial and regulatory compliance obligations associated with processing payments. - Data Protection Protocols
We have implemented reasonable administrative, technical, and physical protocols to manage the confidentiality and integrity of your personal data. We restrict access to your personal data to those employees, agents, and contractors who have a business need to know. While we maintain rigorous data management practices, it is acknowledged within standard operations that no transmission over the internet or electronic storage system is entirely infallible. - Data Retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.
In accordance with UK and European tax and legal obligations, we are required to retain basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for a period of six (6) years after they cease being customers. Upon the expiration of this mandatory retention period, your personal data will be permanently deleted or anonymised.
- Your Legal Rights
Under the UK GDPR and EU GDPR, you possess specific rights regarding your personal data. These include the right to:
Request access to your personal data.
Request correction of the personal data that we hold about you.
Request erasure of your personal data.
Object to the processing of your personal data.
Request restriction of processing of your personal data.
Request the transfer of your personal data to you or to a third party.
If you wish to exercise any of the rights set out above, please contact us using the details provided below.
- Contact Details
If you have any questions about this Privacy Policy or our privacy practices, please contact our data compliance team:
Data Controller: www.overoloasis.com
Brand Name: Overoloasis
Email: overalls@overoloasis.com
Telephone: +020 7123 4567
Company Address: 10 Downing Street, London, SW1A 2AA