Order Before 3PM on Mon-Fri for Next Day UK Delivery

Order Before 3PM on Mon-Fri for Next Day UK Delivery

Best Sellers Kits & Bundles Mineral SPF

FEATURED

PRODUCTS

SKIN CONCERNS

COLLECTIONS

products photo
find MY SHIELD

Privacy Policy

We are committed to protecting and respecting your privacy. This policy together with our Terms of Use and Cookies Policy sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your Personal Data.

Personal Data means information that can directly or indirectly identify you ("Personal Data"). This typically includes information such as your name and email address but can also include other information such as an IP address.

This website is not intended for children, and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

 

CONTROLLER 

This website is the property of Wigmore Medical Ltd, 23 Wigmore Street, London W1U 1PL, the Official UK Distributor of Colorescience.  Wigmore Medical is the data controller and responsible for your personal data (collectively referred to as ‘Company’, ‘we’, ‘us’ or ‘our’ in this privacy notice) collected via https://colorescienceuk.com/ (the ‘Website’).

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO OR data privacy manager using the details set out below.

Our full details are:

DPO@wigmoremedical.com

Data Protection Officer

Wigmore Medical

23 Wigmore Street

London W1U 1PL

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

 

THIRD PARTY LINKS

This website may include links to our social media pages, advertisers and affiliates, third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Communication, engagement and actions taken through external social media platforms that this website and the Company participate are done on the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

 

PERSONAL DATA

We know that you value your privacy and the security of personal information held about you. We are committed to handling your Personal Data and personal sensitive data in line with data protection law and principles, which means that your data will be: 

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.

 

INFORMATION WE COLLECT

The information that we collect and store relating to you is primarily used to enable us to provide our services to you that you have requested or consented to.

We use different methods to collect data from and about you, including through:

Direct interactions: You may give us your Personal Data by speaking to us in person, filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • apply for or buy our products or services;
  • create an account on our website;
  • subscribe to our service or publications;
  • request marketing to be sent to you; or
  • give us some feedback.

Automated technologies or interactions:  As you interact with our website, we may automatically collect data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, and other similar technologies.

Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below:

  • Technical data from analytics providers such as Google based outside the UK (please see our Cookies Policy);
  • Contact and financial data from providers of technical, payment and delivery services such as Klarna or Paypal based inside or outside the UK.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

To see what personal data we collect, for what purpose, how we use it, retain it and secure it, please see the different categories below.

 

On-line Purchases

We may collect your name, title, postal address, email address, home telephone, mobile number, passwords, order history, payment history, payment information (via Paypal, Shopify or Klarna), order wishlist, and other Personal Data you voluntarily provide to us.

We process Personal Data to provide you with our products or services that you request from us, including sending you products you have purchased or samples that you have requested.

We may process this information on the following basis:

  • To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  • Fulfil our legal and regulatory obligations such as preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies or the regulators; ensuring the health, safety and protection of our staff.
  • Exercise tasks under our legitimate interests such as to:
    • enforce our terms and conditions, notably conditions of returns, refunds and payments;
    • handing customer contacts, queries and complaints or disputes;
    • to protect our operations or those of any of our group companies;
    • to protect our rights, privacy, safety of property, and that of our group companies, you or others; and
    • to allow us to pursue available remedies or limit our damages.
  • Your consent in relation to marketing; to deliver relevant on-line advertising to you; to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

We will keep your Personal Data as long as you keep purchasing items from us. We will keep details of the transaction as long as we are legally required, which can be up to seven years.

We store your Personal Data securely on site or securely archived off-site in the UK. Some data may also be stored by our IT providers and payment processors who may be based outside of the UK. Our Website hosts are based in the EU, based in countries recognised as having adequate level of data protection, or have in place Data Processing Addendums containing Standard Contractual Clauses as set out by the EU and UK.

We may share your Personal Data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Where our group members are not based in the UK, we will ensure that any transferred data is treated in a manner commensurate with UK data protection laws. In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Wigmore Medical or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets.

We may also share your Personal Data with our service providers, such as IT systems, support and hosting service providers. The Website is hosted by Shopify. Please review their data policy here: https://www.shopify.com/legal/privacy.

Website payments are taken by Shopify Payments (which utilises Stripe), Apple Pay, Google Pay, Paypal and Klarna. Please review their data policies here:

https://stripe.com/gb/privacy

https://www.apple.com/uk/legal/privacy/data/en/apple-pay/

https://safety.google/intl/en_uk/pay/

https://www.paypal.com/uk/legalhub/privacy-full

https://www.klarna.com/uk/privacy/

Product feedback is managed by Stamped. Please review their data policy here:

https://stamped.io/privacy

Customer accounts are created via Shopify, please review their customer data policy here:

https://www.shopify.com/legal/privacy/app-users 

We may also share this information with third parties if required to do so by law. We do not sell, share or rent the information to third parties.

 

Colorescience newsletter

We collect your name, surname and email address if you choose to sign-up for the Colorescience newsletter and updates on the Website.

We process this Personal Data in order to send you the Colorescience newsletter. We process your name and email address on this basis under your positive consent to do so. You can withdraw your consent at any time by clicking unsubscribe on the emails you receive from Colorescience, or by letting us know on the contact details set out above.

We store your Personal Data securely on site or securely archived off-site in the UK as long as you have consented to receive the newsletter. Invalid email addresses will be removed from the database.

We may share your Personal Data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Where our group members are not based in the UK, we will ensure that any transferred data is treated in a manner commensurate with UK data protection laws. In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Wigmore Medical or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets. 

We may also share your Personal Data with our service providers, such as IT systems, support and hosting service providers. Our email marketing database is managed by Active Campaign. Please review their data policy here https://www.activecampaign.com/privacy-policy/. You can change your marketing preferences at any time and will always be offered the opportunity to unsubscribe.

We may also share this information with third parties if required to do so by law. We do not sell, share or rent the information to third parties.

 

IP Address

The Website webserver collects information relating to your computer’s hardware and software which may be passed on to the Company. This information may include your IP address, browser type and language, domain names, access times, referring website address and the content of any undeleted cookies that your browser previously accepted from us. This information may be aggregated to measure the number of visits and usage of the Website.

The Company in its legitimate interest may use this information to ensure the security and integrity of our services, ensure our websites operate effectively, improve the content it offers, for systems administration, detecting usage patterns, data analysis, testing, research, statistical and survey and troubleshooting purposes. We may share this information with third parties including IT services, advisors, advertisers and investors for the purpose of conducting general business analysis and to develop and deliver targeted advertising on the Website. We may also share this information with third parties if required to do so by law.

The Website has implemented Google Analytics Demographics and Interest Reporting.  Any demographic reports produced using this data will be used to determine a better understand of our website traffic. You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings. In addition, you can use the Google Analytics Opt-Out Browser Add-on to disable tracking by Google Analytics. Please also see our Cookies Policy for further information. 

We may share your Personal Data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Where our group members are not based in the UK, we will ensure that any transferred data is treated in a manner commensurate with UK data protection laws. In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Wigmore Medical or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets.

We may share this information with third parties if required to do so by law. We do not sell, share or rent the information to third parties.

 

SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.

 

YOUR RIGHTS

Under the new data protection regulations, you have the following rights:

  • Obtain from us confirmation as to whether or not we process Personal Data from you and, where that is the case, access to your Personal Data;
  • Rectification of inaccurate Personal Data;
  • Erasure of Personal Data;
  • Objection to the processing of Personal Data;
  • Restriction of processing of Personal Data; and
  • Portability of Personal Data – to receive the Personal Data you have provided to us in a structured, commonly used and machine-readable form and transmit it to another data controller.

In some instances, our legal obligations or public duties may override your rights under data protection laws. 

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. 

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

You can learn more about these rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ . If you have any further queries about this policy, or wish to find out more about your rights, please contact the Data Protection Officer at DPO@wigmoremedical.com.  Should you choose to exercise any of these rights, a record will be maintained by Wigmore Medical.

You can withdraw your consent for marketing communications by using the unsubscribe link in any of our marketing communications or by sending us an email to DPO@wigmoremedical.com. Please note that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal.

Thank you for visiting our Website.

This Privacy Policy was updated January 2024.

 

 

Search