Privacy Policy
Who are we? | We are Skin Rocks Ltd a company registered in England and Wales. Our company registration number is 11155429 and our registered office is at 1 Mountview Court, 310 Friern Barnet Lane, London, N20 0LD. Where we decide the means or purpose of processing your personal data, we are the data "controller." |
What’s this policy about? | This policy explains how we process your personal data as a data controller when you make use of the Skin Rocks mobile app (the “Service”). We update this policy from time to time so please check back in. |
How do you contact us? (if you have questions about this policy or to exercise your rights) |
Write to us at: privacy@skinrocks.com. If we can’t resolve your issue, you can also get in touch with the Information Commissioner’s Office: https://ico.org.uk/concerns. |
What are your rights? |
You have the following rights, although these rights may be limited in some circumstances: ● Ask us to send a copy of your data to you or someone else ● Ask us to restrict, stop processing, or delete your data ● Object to our processing of your data ● Object to use of your personal data for direct marketing ● Ask us to correct inaccuracies.
If we rely on consent to process data, or send direct marketing, you can withdraw consent by email to the address above. |
Your data | How we use it | Sources and recipients |
Enquiry data (information we receive when you get in touch) including: ● Name ● Contact details ● Other personal data you send to us as part of enquiries. How long we keep it 6 years from when our relationship with you ends. |
We process this information to respond to your support and other enquiries. Legal basis We may process this data in accordance with the terms of our contract with you (where we need this information to provide the Service to you) or to take steps at your request prior to entering into a contract. We also use this to pursue our legitimate interests, including: (a) our interest in responding to enquiries to ensure smooth operation of our business and services; and (b) to understand our customers and improve our website and Services, by taking on-board your feedback. More information You may be required to provide us with certain information for us to respond to your enquiries. |
Sources ● We collect this information from you when you send it to us. Recipients We may store this information with ZenDesk. |
Account data (information we receive when you set-up and use your account) including: ● Name ● Age, gender ● Credentials (username & password) ● Preferences (e.g. types of product you may be interested in, or skin and other conditions you are concerned about) ● Contact details (email) How long we keep it We keep your account data for 7 years from when our relationship with you ends. |
We process this information to set-up your account, enable you to use the Service (for example, to show you content and recommend products which are more relevant to you), and to allow you to manage and pay for your subscriptions. Legal basis We process this information in accordance with the terms of our contract with you to provide the Service to you where we need it to deliver functionality you have requested. Where you provide certain more sensitive “special category” data to us, including skin or other conditions you are concerned about (“Concerns”), we process that information where you have given your consent. We may anonymise & aggregate Concerns, Preferences, age and gender details, across all users to use it in pursuit of our interest in understanding the types of products and concerns users tend to have so we can decide which content and products to feature in the Service. More information You may be required to provide us with certain information for us to respond to your enquiries and to register an account. |
Sources ● We collect this information from you when you register and use the Services. Recipients We use the following service providers to help us provide our Services and they may process this information on our behalf: ● Amazon Web Services |
Analytics Information about how users interact with the app namely: ● the content you view; ● the features of the app you use. How long we keep it After 5 years underlying data is deleted, but we may retain aggregate statistics generated from it which are anonymous. |
When you request content or use features in the app, our servers record which content and features you interact with. We use this to understand how people use the Service, and to help improve and maintain the Service. Legal basis We process this data in pursuit of our legitimate interests in understanding which content and features are more relevant to our users, so that we can focus on providing a better experience, and so that we can recommend particular content and products to you based on your interests. |
Sources We use the service providers listed below to collect this data from you. Recipients We use the following service providers to help us process this information on our behalf: ● Mixpanel ● Branch ● Amazon Web Services ● Planes Limited |
Marketing We process the following information about you to send you emails or push notifications, to let you know about news, content and updates relating to the Service: ● Name ● Contact information (such as email address or device ID for push notifications) |
We process this information to send you promotional material. Legal basis We process your personal data for this purpose where you have consented to email or push notifications. We may use information as described elsewhere in this policy to determine the content of marketing messages. More Information You can withdraw your consent at any time by dropping us a line or changing your preferences through the Service. |
Sources We collect this information from you. Recipients We use the following service providers to help us process this information on our behalf: ● OneSignal |
Cookie/data | Duration | Purpose | Access |
JWT | 5 years | Authentication - To deliver our Service and keep you logged-in. | N/A |
Device ID (and, if you agree to share tracking data on iOS, your device IDFA) and identifiers to indicate where in the app you follow links | 5 years | Content - To record which content and features you use in the app, to provide the Service and ensure you receive the type of content you are interested in. |
Including: City Region Country Geo source IOS App build number App version Carrier iOS Version Manufacturer Lib version Mixpanel library Model Device model Device ID User ID Operating system Radio Screen height Screen width Wifi Processing time Profile users IOS Timezone iOS app release iOS app version iOS device model iOS Lib version iOS Version Last seen Total app sessions Total app sessions length First app open date Android App Version App Build number Bluetooth Bluetooth version Brand Carrier Has NFC Has telephone Lib version Manufacturer Modell Device ID User ID Mixpanel Library Operating System OS version Screen DPI Screen Height Screen Width Wifi Google play services Processing time |
Transfers | Your data is generally stored in the UK. Where we use data processors outside the UK and transfer personal data to a country which does not provide an adequate level of protection, we use contracts approved by the European Commission which give personal data protection similar to that which it has in Europe. For more information drop us a line using the contact details at the start of this policy. |
Disclosure |
Other than as set out above, we may disclose your personal data: ● Where required by law, government, competent authorities or the courts or to establish, exercise or defend our legal rights, and for the purposes of preventing crime and fraud (for example, we may share personal data with our professional advisors, investigators, or credit reference agencies). ● With members of our corporate group, our suppliers, and subcontractors, as necessary for the purposes set out in this policy. ● If involved in an investment, merger, acquisition, or sale of our organisation or assets, personal data we hold may be shared based on the legitimate interests of us, our shareholders, customers and other parties to a transaction, unless those interests are outweighed by prejudicial impacts upon you. |