We value your privacy and we want to protecting your personal data. When you visit our website www.topdermal.com and/or its subdomains e.g. en.topdermal.com or es.topdermal.com, when you make a purchase in our online shop or fill in our contact form, Esthetics Online Supply (“Top Dermal” or “we”) processes personal data. The term ‘personal data’ includes all information about an identified or identifiable natural person. In the processing of personal data, Top Dermal qualifies as the controller in the meaning of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
This Privacy Policy aims to inform you how we collect and process your personal data and to provide you with information on your legal rights under the GDPR.
Where we need to collect personal data by law, or under the terms of an agreement we have with you, and you fail to provide the requested data, we may not be able to perform the agreement we have or are trying to enter in with you (e.g. to provide you products you would like to order). If this is the case, we may need to cancel the order you placed with us, but we will notify you beforehand.
It is important to read this Privacy Policy together with our Terms and Conditions. We recommend that you read this Privacy Policy and the Terms and Conditions carefully.
Table of Contents
- About us
- Personal data we collect and purposes for which these data are collected
- To whom do we provide your personal data?
- How long do we store your personal data?
- Security of your personal data
- Your privacy rights
About us
Topdermal EOOD is a private company established under Bulgarian law, based in Burgas (Bulgaria) and registered under file number BG 206714349, trading under the trade name “Top Dermal”.
If you have any questions regarding our Privacy Policy, on how your personal data are handled, or wish exercise your privacy rights,
Please note that this Privacy Policy is not applicable to third-party websites connected to this site through links or applications. Clicking on such links may allow third parties to collect or share data about you. We cannot guarantee that these third parties will handle your personal data in a secure and careful manner, as we do not control these websites and are not responsible for their privacy policies. We therefore recommend you read these websites’ privacy policies before clicking on any links or making use of the websites accessed by such links.
Personal data we collect and its purposes
Customers and potential customers
We may process the following personal data of our customers if and when necessary for our order administration:
- Name and address details (name, first names, initials, title, address, postal code and place of residence and country of residence);
- E-mail address;
- Payment details;
- Order details including order history.
We process these data for the following purposes:
- To register you as a new client;
- To inform and contact you about your order, our products, ordering methods, payments and applicable conditions;
- Delivery of ordered goods;
- Purchase any product or service from us;
- Engage with us via our Website, telephone, cell phone, or live chat;
- Dispute resolution;
- To comply with our legal and regulatory obligations.
We may process the following personal data of our customers if and when necessary for our service administration:
- Name and address details (name, first names, initials, title, address, postal code and place of residence and country of residence);
- Telephone number;
- E-mail address;
- Order details;
- Payment details;
- Other personal data that may be processed in the context of handling the service request, such as order history.
We process these data for the following purposes:
- Responding to questions;
- Providing service;
- Logging data for insight and improvement;
- Creating replacement orders;
- Dispute resolution;
- To comply with our legal and regulatory obligations.
We may process the following personal data of our customers in our client marketing database:
- Name and address details (name, first names, initials, title, address, postal code and place of residence and country of residence);
- E-mail address;
- Telephone number;
- Transactional data such as order history;
- For direct marketing messages: e-mail address, IP-adres, open ratio and time of opening, click ratio including time stamp regarding visited URLs in the message.
We process these data for the following purposes:
- Provision of information about us and our products, including updates on changes to our Terms and Conditions and our Privacy Policy;
- Direct marketing about our products and/or services, including promotions and events connected therewith;
- Complete the transactions you request, perform our contractual obligations, and send you related information, including confirmations and receipts;
- Engage with you via live chat, or via our Website;
- To analyse whether our messages are opened and to establish which parts of our messages are the most interesting for our newsletter subscribers;
- Research and development;
- Dispute resolution;
- To comply with our legal and regulatory obligations.
Newsletter subscribers
We have a newsletter to inform those interested in our products and/or services, contests, prize draws and other events. The newsletter is event-based, meaning that it will be sent when certain events occur (such as a new promotion). Your email address will be added to the list of subscribers only with your explicit consent. The newsletter is aimed at driving engagement and may include information about new products, promotions and events. We can measure when and to what extent newsletters are opened and on which links in the newsletter you click. Each newsletter contains a link through which it is possible to unsubscribe from our newsletter.
When you sign up to our newsletter, we process the following personal data:
- Your e-mail address;
- IP-address;
- Open ratio and time of opening;
- Click ratio including time stamp regarding visited URLs in our newsletters.
We process these data for the following purposes:
- To send you our newsletter;
- To analyse whether our newsletter is opened and to establish which parts of our newsletter are the most interesting for our newsletter subscribers;
- Dispute resolution;
- To comply with our legal and regulatory obligations.
Site users
When you visit our site, we analyse your use of our Site via the use of cookies and similar technologies. You can set your browser to (partly) disable or refuse cookies. Please read our Cookie Policy for more information about the use of cookies.
We may process the following personal data of all our Site users (whether you make a purchase or not):
- Information on how you use and interact with our websites as well as on the amount of time that you spend on it;
- Basic information that relates to the request that is made from your browser when you visit the webs. These data may include information such as your last visit date and time, the duration of your visit, the timestamp of the browser request, your IP address and basic HTTP header information (like referral URL and user agent), information about the website you have previously visited as well as demographic information including your location.
We process these data for the following purposes:
- Analyzing and improving the use of the website, including optimizing the operation and your experience of the website;
- Marketing purposes (advertising);
- Dispute resolution;
- To comply with our legal and regulatory obligations.
To whom do we provide your personal data?
We do not disclose your information to third parties, unless necessary for the proper performance of the purposes described in this Privacy Policy. For example: to fulfil your order, we need to share your data with payment providers and transportation companies. We may share personal data with our service providers, such as hosting providers, e-mail services and (other) software suppliers, payment service providers, transportation companies, lawyers etc. Furthermore, we may share your data when necessary to and defend the rights or property of Aestheticsonlineshop.com and when necessary to protect the personal safety, property or other rights of the public, Aestheticsonlineshop.com or its customers or employees.
The third parties to whom the personal data is made available are obliged to treat your personal data confidentially. If these parties are regarded as ‘processors’ within the meaning of the privacy legislation, we will ensure that a data processing agreement is concluded with these parties that meets the requirements set out in the GDPR.
How long do we store your personal data?
We will not retain your personal data in an identifiable form for any longer than is necessary for the purposes set out in this Privacy Policy.
The personal data in our order administration will in principle be deleted at the latest two years after the order in question has been processed. The personal data used for website analysis are stored for a maximum of 24 months. The personal data in our service administration and client marketing database are retained for five years after closure of the client file. The e-mail address used for newsletter subscriptions is removed from our mailing list as soon as you choose to unsubscribe.
The personal data of suppliers will in principle be deleted at the latest two years after the order in question has been processed.
Security of your personal data
We have security measures in place to reduce the likelihood of misuse, loss and unwanted disclosure of, and unauthorized access to, personal data. Our employees and business partners are bound by confidentiality and are bound by instructions aimed at the adequate protection of your personal data.
We have procedures in place to deal with personal data breaches and will notify you and the applicable regulator of such breach where we are legally required to do so. If you have any questions about the security of your personal data, or if you suspect or have any indications of misuse, please contact us at request@estheticonlinesupply.com
Your privacy rights
You have the following rights with regard to the processing of your personal data by us:
- the right to request whether we process your personal data and, if this is the case, to inspect your personal data;
- the right to rectification of your personal data if they are incorrect or incomplete;
- the right to have your personal data deleted (‘right to be forgotten’);
- the right to object to the processing of your personal data or to limit the processing of your personal data;
- the right to withdraw consent for the processing of your personal data at any time, if the processing is based on your consent;
- the right to receipt or transfer of your personal data by or to a third party designated by you in a structured, customary and machine-readable form (‘right to data portability’).
If you wish to exercise any of the rights above, please contact us via request@aestheticsonlinesupply.com or via the address mentioned in the ‘About us’ section.
Please be aware that in order to prevent fraud and misuse, we may need to request specific information from you to help us confirm your identity. We may also contact you to ask you for further information in relation to your request. If you wish to inspect personal data linked to a cookie, please make sure to include a copy of the relevant cookie. You will find the cookie in your browser settings.
Within a month after receipt of your request, we will inform you whether we can comply with your request. This period may be extended by two months in specific cases, for example when a complex request is made. We will inform you of such an extension within one month of receipt of your request. Based on privacy legislation we can refuse your request under certain circumstances. If we do so, we will explain the reasons for the refusal. If you object to the processing of your personal data for direct marketing purposes, we will always respect this request.
This Privacy Policy was last revised on December 20th 2023.