Latest update: April 10, 2020
Official Secret attaches great importance to the processing, confidentiality and security of your personal data. We are dedicated to offering you personalised services while respecting your privacy and personal choices.
Official Secret Website is managed and published by KALIMAH EXPORTS a, manufacturer of OFFICIAL SECRET products headquartered registered office located at: 5A/3 Kulandaiyappan Nagar 4th Street, Uthukuli Main Road, Tirupur- 641607 – India.
The Website is hosted and powered by Shopify, is the developer of the Shopify platform available to Merchants. Whose registered office is located 150 Elgin Street, 8th Floor Ottawa, ON K2P 1L4, Canada.
The purpose of this Policy is to inform you clearly, simply and fully about the use by OFFICIAL SECRET AND KALIMAH EXPORTS of the personal data of its customers and/or potential customers (“you” and “your”) as well as the rights and options that you have. We thus invite you to read it carefully and to take note thereof before every interaction with us.
This Policy applies to the customers and visitors of the OFFICIAL SECRET Website www.official-secret.com.
OFFICIAL SECRET AND KALIMAH EXPORTS has appointed a Data Protection Officer responsible for ensuring compliance with this Policy and, more generally, compliance with applicable data protection regulations. Our Data Protection Officer can be contacted for any question concerning this Policy according to the modalities shown under heading 4 "Your Rights" of this Policy.
OFFICIAL SECRET AND KALIMAH EXPORTS can modify this Policy from time to time to take into account statutory and regulatory changes as well as to keep you informed of the modifications of our practices concerning the processing of your personal data. Every important modification materially affecting the way in which we use your data shall be notified to you by e-mail and/or information on the Website (for example, a banner, a pop-up window or a push notification), in order to allow you to review the changes made, asses them and, if necessary, object to them or withdraw from a service or functionality.
- GENERAL INFORMATION
“OFFICIAL SECRET”, “we” and “our” refer to KALIMAH EXPORTS a limited liability company (LLC), manufacturer of OFFICIAL SECRET products headquartered registered office located at:5A/3, Kulandaiappan Nagar, Palayakadu, Tirupur- 641603 – India.
Except in the event of a provision to the contrary, OFFICIAL SECRETis the Data Controller of the processing identified in this Policy concerning personal data and, in particular, concerning the protection of natural persons in regard to the processing of personal data and the free movement of this data (hereinafter the “GDPR”).
Any personal information that you may transmit directly or indirectly to OFFICIAL SECRET (for example, through its subsidiaries) is subject to the regulations in effect concerning the protection of data.
- MANAGEMENT OF PERSONAL DATA BY OFFICIAL SECRET
OFFICIAL SECRET collects, stores, processes, uses and communicates your personal data when you use our Website http://www.official-secret.com (the “Website”), you visit our pages on social networks, you contact OFFICIAL SECRET and, more generally, when you join the OFFICIAL SECRET community.
3.1 Objectives pursued by OFFICIAL SECRET
OFFICIAL SECRET collects your data to:
o Reply to your requests, questions and claims:
- Send you our OFFICIAL SECRET offers, news and events, according to the means of communication that you have chosen
- Notify you of the online availability of an out-of-stock product (availability warning)
- Inform you of the launching of an event
- Reply to you when you have contacted us (by means of the online contact form or by e-mail/telephone to the customer service).
o Manage your integration into the OFFICIAL SECRET community, the orders and purchases you make in a Boutique or online and fulfil our contractual and statutory obligations:
- Execution, delivery and monitoring of your orders/purchases (including customs clearance)
- After sales service for any purchase
- Execution of the guarantees applicable for any purchase
- Management of your personal account on the Website
- Management of your request(s) when exercising your rights (see the Section 3 “Your Rights”).
o For the legitimate interests of OFFICIAL SECRET:
- Ensure the management of our relations with you by keeping updated a centralised database which includes existing and potential customers
- Establish your customer profile in order to manage in a proactive and personalised manner the monitoring of the business relationship. This processing involves the analysis of your user or customer profile to determine what your preferences are and to offer you products that we believe may be of interest to you
- Allow users to recover a shopping cart in progress
- Carry out studies and statistics in order to better understand our clientele and improve our services (internet site, newsletter, effectiveness of advertising campaigns, etc)
- Ensure the security of online transactions as well as prevent fraud and payment incidents (in OFFICIAL SECRET online shop)
For all these purposes based on our legitimate interest, we make sure to take into account any potential impact that this processing may have on you and more generally on the users of the Website. If we think that your interest or your fundamental rights and freedoms override our legitimate interest, we will then not use your personal data on this basis, and may ask you for your specific consent.
o Additional note concerning automated decision-making in the framework of the fight against fraud on Internet
We use automatic fraud detection algorithms to control your online purchases in order to prevent fraudulent transactions and payment incidents.
These algorithms analyse the data pertaining to your transaction (products, contact details and bank information) and to your use of the Website (visited pages and browsing on the Website) combined with anonymous data relating to the device used for browsing (such as the screen resolution or the operating system version) which can be used to reliably identify your device in the event of consecutive visits and enable us to analyse fraud risks.
This automated control may result in the transaction being blocked. Depending on the results of the control carried out, we may decide to take additional security measures and, if the security of the order cannot be guaranteed, we may choose to cancel it. For instance, a manual analysis of the blocked transaction may be carried out by our customer service and can lead us to collect additional personal data for the purposes of verifying your identity, the validity of the order, the payment method used, or the delivery envisaged.
o Additional note on OFFICIAL SECRET's pages on social networks
2.2 Data collected by OFFICIAL SECRET
The term “personal data” means any information allowing you to be directly identified (your last name and first name) or indirectly (the customer identifier that we attribute to you in our systems).
For the purposes specified above, OFFICIAL SECRET collects and processes the following categories of data:
- Identification and contact data: for example, your identity, e-mail address, telephone number, the country from which you interact with us, your connection identifiers on the Website, your internal OFFICIAL SECRET identifier, etc.
- The information concerning your identity document in limited, specific cases (in particular: additional verification in the framework of the prevention of fraud, verification of the identity of the person exercising the right)
- Data concerning the transaction: for example, the articles chosen, the order number, your postal address for delivery and invoicing, means of payment, banking details, etc.
- Data concerning the monitoring of our business relationship: for example, your customer profile, the history of your purchases, returns and exchanges of articles, the history of your contacts and claims or of your correspondence with our customer service, etc.
- Connection data concerning the terminal used: your IP address, location of the terminal, use or not of a proxy, type of browser and browser information, etc.
- CCTV recordings.
The information communicated directly by you and essential to OFFICIAL SECRET to fulfil the purposes pursued is indicated by an asterisk on the various forms that you fill in. If you do not fill in these required fields, OFFICIAL SECRET cannot reply to your requests and/or supply you with the products and services requested. The other information of the various forms is optional and allows us to know you better in order to meet your expectations more accurately and to be able to send you, if you accept it, information about new OFFICIAL SECRET collections, promotions and private sales, events, etc.
3.3 Retention of your personal data
The data is kept for a period that does not exceed the necessary duration for the purposes for which it has been collected and which are specified above.
Your personal data is kept by OFFICIAL SECRET:
- When purchasing OFFICIAL SECRET products, we keep your data for as long as necessary for the execution of the contract;
- In the event of the creation of a Client account (on the Website), the data will be kept until you send an deletion request or after a certain period of inactivity;
- In the event of a registration to our newsletter/the use of your data for marketing prospecting, your data will be kept until you request for a deregistration, the deletion of your personal data, or after a period of three years with no interaction with OFFICIAL SECRET;
- For as long as necessary to reply to your request, question, or claim: for example, until the sending of the availability notice of a product;
- 13 months for cookies placed in your computer;
- 24 hours to carry out the processing of abandoned shopping cart reminded.
In order to comply with our legal obligations and prove we comply with them (accounting and tax obligations for instance), but also in order to exercise some of our rights and defend our interests (e.g. to take legal action), certain personal data are kept longer than mentioned above, prescribed by the legal obligation or until the legal action prescription period ends.
The data is then deleted definitively from our systems or anonymised so that you are no longer identified or identifiable.
3.4 Recipients of the data – Sharing of the data with third parties
Your personal data are addressed to OFFICIAL SECRET and KALIMAH EXPORTS employees and are also accessible by OFFICIAL SECRET subsidiaries. OFFICIAL SECRET employees are authorised to access the personal data solely in the course of their functions. Controls are put in place to ensure that the access granted matches the needs of their functions.
Your data is also transmitted to/accessible by third party service providers to whom we call upon to fulfil the purposes described in this Policy and, in particular:
- Financial institutions,
- Detection and prevention of fraud service providers,
- Technical and technological service providers and suppliers,
- Logistics, transport and delivery services providers,
- Communication, marketing and advertising service providers and partners.
Your data can also be transmitted to third parties and, in particular, to the customs authorities, representatives of the police, Courts of Justice and governmental and regulatory authorities: (a) if we believe that a disclosure of information is necessary by virtue of applicable laws or legal or regulatory proceedings (for example, in reply to a summons or a judicial order) or (b) to protect and defend our rights, and the rights and security of third parties, including to defend ourselves against legal actions. Even if the disclosure of information to these authorities is not an obligation for us, we can choose, at our discretion, to provide them with our assistance if need be.
However, this excludes the selling, renting, sharing or in any other way the disclosure of personal information for commercial purposes in violation of the commitments included in this Policy.
Some of these recipients are located outside of the European Economic Area in countries whose level of protection of personal data is not comparable to that of the European Economic Area. When we transfer your personal data to these countries, we ensure the continuous security of your data and subject the transfers to appropriate guarantees, by means of the signature of the standard contractual clauses of the European Commission.
When you access our OFFICIAL SECRET pages on social networks, your browser is subject to the confidentiality policies of these social networks, over which we have no control.
3.5 Security and confidentiality of the data
OFFICIAL SECRET has taken all the technical and organisational measures to protect the confidentiality and security of the personal data processed, in view of its nature and the risks of processing and to prevent that it is distorted, damaged, destroyed or that unauthorised third parties have access thereto.
OFFICIAL SECRET has, in particular, implemented the following measures:
- OFFICIAL SECRET’s information systems are subject to physical and logical protection in accordance with the state-of-the-art, regularly assessed and improved. Backup procedures of OFFICIAL SECRET’s information systems are regularly executed.
- Access to the data is limited to the sole employees of OFFICIAL SECRET authorised because of their functions, with these employees being subject, furthermore, to contractual confidentiality obligations.
- OFFICIAL SECRET’s service providers and sub-contractors are bound by written commitments to take security measures that are sufficient to ensure the protection of your personal data in accordance with the applicable legislation.
- OFFICIAL SECRET’s Website is protected by a SSL encryption process making the data illegible during its transmission on the internet.
We remind you that OFFICIAL SECRET does not control all the risks relating to the functioning of Internet and we draw your attention to the existence of eventual risks inherent to its use and its functioning.
- YOUR RIGHTS
We undertake to guarantee the exercising of the rights that you have pursuant to the personal data protection regulations. You can thus exercise the following rights at any time:
- Right to information: you have the right to obtain clear, transparent and comprehensible information about the way in which we use your personal data and about your rights. You will find all of this information in this Policy. If you wish to have additional information, we invite you to contact our Data Protection Officer (see contact details below).
- Right of access: you have the right to obtain a copy of the personal data that we possess about you.
- Right of rectification: you have the right to have your personal data rectified if it is inaccurate or obsolete and/or to supplement it if it is incomplete.
- Right of deletion/ right to oblivion: you have the right to have your data deleted or suppressed.
- Right of objection: you can object to the processing of your data when the processing is based on the OFFICIAL SECRET’s legitimate interest for reasons pertaining to your particular situation (which need to be specified in your request).
- Right of objection to direct marketing: You can at any time request to no longer receive commercial/marketing communications regarding our offers, news and events.
- Right to withdraw your consent: you can at any time withdraw your consent to the processing of your personal data when this processing is based on your consent.
- Right to the restriction of processing: you have the right under certain conditions to request that the processing of your personal data be temporarily suspended.
- Right to the portability of the data: you have the right to request that your personal data be transmitted to you in a format allowing it to be used in another database.
- Right to define general or specific instructions pertaining to the retention, deletion and communication of your personal data after your death. These general or specific instructions define the way you want your rights to be exercised after your death. You may modify or revoke these instructions at any given time.
You can exercise these rights or ask any question concerning the management of your personal data by contacting our Data Protection Officer:
- By e-mail to firstname.lastname@example.org
- By mail : to the attention of the DPO (legal department), By using the online contact form available here
If we consider it necessary to confirm your identity, we can ask you for proof of identity.
You can also exercise your rights of rectification and/or of objection to marketing directly:
- Under the dedicated heading of your personal OFFICIAL SECRET account on the Website;
- By using the deregistration link shown at the bottom of each e-mail (valid for the newsletter deregistration only) or by sending STOP to the number indicated in each sms (valid for sms deregistration only);
5.1 What is a cookie?
A cookie is a text file that can be stored in a dedicated area of your Terminal's* hard disk when viewing an online service using your browser. A cookie file enables its issuer to identify the terminal on which it is stored during the cookie's validity or registration period.
* the Terminal means the hardware (computer, tablet, smartphone, etc.) that you use to view or display a website, application, advert, etc.
You can modify the cookie settings at any given time. You will find more information regarding cookies and how to manage cookies settings below.
5.3 Cookies we issue on our Website
We and our partners issue various types of cookies when you visit our Website:
o Technical cookies essential to the Website’s functioning which give you access to or facilitate your browsing on the Website, or to provide the online communication services you require while browsing, and in particular:
- To store in memory the cookie settings you have chosen (via our cookie management tool) ;
- To adapt the presentation of the Website to your device’s display preferences (language used, screen resolution, operating system used, etc.) when you visit the Website, depending on the reading or visualization material and software your device carries;
- To put into effect security measures, for instance when you are asked to connect again to a content or a service after a certain amount of time;
- To allow you to access dedicated and personal spaces of the Website, such as your account, using logins or data which you have possibly entrusted to us beforehand;
- To save information pertaining to a form you filled on the Website (registration or access to your account) or to products, services or information you have chosen on the Website (Subscribed service, order basket content etc.);
o Functional cookies which allow us to improve the features and personalisation of the Website, such as the use of videos.
o Audience measurement and optimization cookies which allow us to:
- Establish statistics and volume of visits;
- Follow and analyze your journey on the Website (visited sections and content, journey), allowing OFFICIAL SECRET to improve the interest and ergonomics of the Website, as well as the visibility of the contents we publish (AB testing type cookie);
- Evaluate the efficiency of our paid search engine optimization campaigns;
o Analysis and personalisation marketing cookies which allow us to:
- Improve your browsing and shopping experience on the Website;
- Recommend products that better meet your expectations and preferences, in particular by identifying products that may correspond to the interests deduced from the previous browsing of the concerned device.
- Send you emails to inform you of the status of your basket: you can stop the targeting at any given time by using the unsubscribe link at the bottom of these emails (only valid for basket reminder emails).
o Advertising cookies which are installed on the Website by our advertising or affiliate partners. They are used by these companies to analyse your centers of interest and be able to offer you OFFICIAL SECRET products or relevant advertisements on other websites (including social networks). They also allow to measure the impact of our media campaigns and to compensate the affiliates of affiliation programs to which OFFICIAL SECRET is a party (an affiliate is a third party Website that references our products and sends web users on our Website to make their purchases);
Some cookies used for the purposes described above are emitted by third party companies. These “third party cookies” are installed and managed by these third-party companies in order to provide the services we have requested from them. These companies act solely on our behalf as data processors.
However, these companies may reuse the data for their own purposes in order to improve their services. In that case, OFFICIAL SECRET ensures that the adequate contractual obligations are imposed and requires complete anonymization and prior aggregation of the data.
Some of the data collected through the cookies listed above may be reused in order to detect and prevent fraud (cf article 3.1)
5.4 Setting up cookies
You can set up your browsing software to save cookies on your device or, on the contrary, to reject them systematically, or reject them depending on their emitter. You can also set up your browsing software in such a way that it will occasionally ask you whether you want to accept or reject cookies before a cookie is saved on your device.
Each browser has a different configuration for managing cookies and your choices. This configuration is described in your browser's help menu, informing you how to change your cookie management choices.
You can also use our Cookie Consent Tool that gives you control over the way cookies are installed on your device when visiting our Website:
5.5 If you share your terminal with others
If your device is used by more than one person and a single terminal has several browsers, we cannot be certain that the services and advertising sent to your device actually correspond to your own use of that device, as opposed to the use of that device by another user.
Where this is the case, sharing the use of your Terminal with others and the configuration of your browser's cookie settings are matters of your free choice and own responsibility.