Privacy & Cookie Policy

1. WHO WE ARE AND HOW TO CONTACT US

1.1 We are The Hut.com Limited trading as Rock and Roll Beauty. For privacy queries, you can contact us at customer.experience@thehutgroup.com. Other contact details are on our website.

2. THE PURPOSE OF THE POLICY

2.1 This policy tells you what to expect when we collect your personal information via our website or social media (together referred to below as “our service”).

2.2 Generally, the policy covers only the information provided to us. If you give personal information to other people, such as payment providers or other websites, please check their privacy policies.

3. CHANGE OF PURPOSE

3.1 Yes. Please check whenever you visit our website. We will assume you agree to the new version of the policy if you use the site after its effective date.

4. INFORMATION WE MAY COLLECT FROM YOU

4.1 Information which you upload to our service or otherwise give us such as

your name and contact details;

other information provided when you register with us;

details about your transactions on our service;

information included in your reviews or which your otherwise provide for display on our service;

contact or other information which you give or allow us to use for newsletters or other marketing; and

your communications with us.

4.2 Limited billing information sent to us by our payment provider for verification purposes e.g., your name, email address and billing / delivery addresses.

4.5 Automated information such as the internet protocol (IP) address used to connect your device to the internet, connection information such as browser type and version, information about your device including device-type and device identifier, operating system and platform, mobile network data, a unique reference number linked to the data you enter on our system, login details, the site from which you arrived at our service, details of your activity with date / time stamps including pages you visited and your searches / transactions.

5. WHY WE COLLECT YOUR INFORMATION

5.1 Because it’s necessary to perform our contract with you and/or to take steps at your request to enter into such a contract, e.g., send service messages, process payments and fulfil orders. This applies typically to initial enquiries, contact and transaction details.

5.2 Because it’s in our “legitimate interests”, e.g., to manage and improve our service including tracking usage patterns and preventing or detecting fraud or abuse. This applies typically to automated usage data and may also include reviews and similar information which you provide for public display on our service.

5.3 Because you’ve agreed. This applies to contact or other information which you give or allow us to use for newsletters or other marketing. You can withdraw permission at any time as explained on our service or by emailing us at the above email address.

6. DETAILS ABOUT COOKIES

6.1 We and/or third parties use cookies and other tracking technologies on our website. A cookie is an identifier (a small file of letters and numbers) that is sent to your computer. Our website’s functionality will be limited if you configure your browser to reject cookies.

6.2 Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website owner or others. Session cookies are temporary cookies that remain in the cookie file of your browser only until your browser is closed. They allow websites to link your actions during a browser session. Persistent cookies stay in the cookie file of your browser for longer (how long will depend on the lifetime of the specific cookie). For further information on cookies, including how to use your browser to block them and how to delete cookies already stored on your device, visit: www.allaboutcookies.org.

6.3 The following kinds of cookies may be used on this website:

a. Session cookie: These are essential for our service and enable us to keep track of your movement from page to page and store your selections so you do not get asked repeatedly for the same information. They allow you to proceed through many pages of the site quickly and easily without having to authenticate or reprocess each new area you visit. For example, a session cookie remembers your shopping cart selection so you will have the items you selected when you are ready to check out.

b. Affiliate cookies: Persistent cookies (up to 60 days) are placed by affiliate websites or advertising providers such as Google and Bing so that we can track if users have visited us via such affiliates / advertising and assess the effectiveness of these activities.

c. CDN cookies: Our website provider CDN places persistent cookies (up to 3 years) to remember your settings such as country, language, currency and basket items so these are available when you return to our website.

d. Cookie-warning cookie: This cookie takes note of whether you are happy to accept cookies on this website based on your response to the message which appeared when you first visited the website. This persistent cookie will remember your preference for up to 365 days.

6.4 Other companies which provide us with a service also place cookies. Some of these cookies (e.g. from Google) may involve certain information, such as your IP address and web address of the page you’re visiting, being sent to the company concerned. Below is a summary of the kinds of cookies used together with details about who places them and where you can go to get more information and to opt out (where possible):

Analytics cookie: These kinds of cookies recognise and count the number of website visitors as well as providing other information about the visit such as duration, route through the website and where the visitor came from. This information helps us to improve the way our website works, for example by making sure users find what they need easily. These cookies are provided by:

Advertising cookies: These kinds of cookies are typically used to personalise ads on this or other sites based on your use of our site, to measure ad effectiveness (for example, how often you click on or view ads and whether you go on to buy something from the advertiser) and to stop you being shown the same ad repeatedly. These cookies are provided by:

Google (including Analytics Ad Features / AdSense / Doubleclick)

Microsoft's Bing

- Microsoft's privacy policy including how to control Microsoft’s use of cookies

Note that there are various places where you can go to opt out of many companies’ advertising cookies in one go including some or all of the above:

- www.networkadvertising.org/choices

- www.youronlinechoices.com

- http://optout.aboutads.info

Payment Provider cookies: Our payment provider may place cookies if you use their payment services on our site:

- Paypal’s privacy policy

7. DURATION OF THE INFORMATION STORED

7.1 We will generally keep your information for up to six years after your order - for tax reasons and/or to help deal with any disputes. If you open an account but do not make an order, we will keep your information for up to two years. These timeframes may vary if we are legally required to keep information for a particular period. If you consent to us using your personal information for marketing, we will keep your contact details which we use for marketing until you tell us to stop sending you marketing messages. Reviews will remain on our site until you ask us to archive or delete them by email to Help@revolutionbeauty.com.

8. SHARING YOUR INFORMATION

8.1 To other people who supply us with a service, e.g. couriers (to enable the delivery of goods), e-commerce platform providers, website hosts, content delivery networks and businesses which help us send communications or monitor our website.

8.2 To other users of our service, if you include personal information in a review, post, comment or other public action on our service.

8.3 To credit reference agencies, regulators and the police and other law enforcement authorities to help deal with fraud and abuse and/or comply with legal requirements.

8.4 To insurers and professional advisers in connection with our insurance cover or to deal with legal claims.

8.5 To potential buyers so far as reasonably necessary, in the case of an actual or proposed (including negotiations for a) sale or merger or business combination involving all or the relevant part of our business.

9. HOW WE PROCESS PAYMENT DETAILS

9.1 These go direct to our payment partners. We do not receive such information except as stated above. To ensure your details are not being used without consent, our payment partners may send your personal information to relevant third parties including credit reference and fraud prevention agencies, who may keep a record of that information.

10. YOUR RIGHTS

10.1 If the legal requirements are met: To ask us for access to your personal information, to rectify it if there are mistakes, to delete or restrict or object to its use in certain circumstances or to “data portability” or to withdraw any consent you’ve given (e.g. marketing).

10.2 If you have a complaint about how we are dealing with your personal information, please contact us via the email address below.

Contact Us If you have any queries on any aspect of our Privacy Policy, please contact us on the details below: Telephone: 0161 8131481 Email: customer.experience@thehutgroup.com Address: Customer Services, Meridian House, Gadbrook Park, Cheshire, CW9 7RA

11. YOUR CALIFORNIA PRIVACY RIGHTS

11.1 Consumers residing in California are afforded certain additional rights with respect to their personal data under the California Consumer Privacy Act (“CCPA”). If you are a California resident, this section applies to you.

Collection and Use of Personal Data: In the preceding 12 months, we have collected the following categories of personal data: identifiers (such as name and contact information), commercial information (such as products purchased or returned), internet or other electronic network activity information (such as browsing behavior), geolocation data, audio information (such as customer support call recordings), and inferences we make based on the personal data we collect about you. For more details about the personal data we collect and the sources of such collection, please see “What personal data do we collect about you?” in the privacy policy above. We use the personal data we collect for the business and commercial purposes described in “What do we use this personal data for?” in the privacy policy above.

Disclosure of Personal Data: In the preceding 12 months, we have disclosed the categories of personal data listed above to third parties for business or commercial purposes. Please see “Who do we share this personal data with?” in the privacy policy above, for details.

Sale of Personal Data: California law requires that we provide transparency about personal data we “sell,” which for purposes of the CCPA broadly means scenarios in which we have shared personal data with third parties in exchange for monetary or other valuable consideration. We do not, and will not, sell your identifying information such as your name, email address, phone number or postal address. As described above in the “Marketing” and “Cookies” sections in the privacy policy above, we do share identifiers such as cookies and, where applicable, the advertising identifier associated with your mobile device with our advertising partners so that they can show advertisements that are targeted to your interests. In order to opt out of disclosures to these third parties for purposes of showing you targeted advertisements, please follow the opt out instructions in the “Marketing” section of the privacy policy above.

Your Rights: Subject to certain limitations, you have the right to request: more information about the categories and specific pieces of personal data we have collected and disclosed for a business purpose in the last 12 months; deletion of your personal data; and that we stop selling your personal data. You may make these requests by emailing customer.experience@thehutgroup.com. Once we receive your request, we will verify it by asking you to provide information related to your account or your recent interactions with us, such as information regarding a recent purchase. If you would like to use an authorized agent to exercise your rights, we may request evidence that you have provided such agent with power of attorney or that the agent otherwise has valid written authority to submit requests on your behalf. We will not discriminate against you if you exercise your rights under the CCPA.

You have certain rights in respect of your personal data, including the right to access and correct your personal data, and, in specific circumstances, to transfer your personal data to another entity in a commonly-used format.

You have the right to object to your personal data being used for certain purposes, including to send you marketing. See ‘Marketing’ above, for more details of how to opt-out of marketing.

You also have the right to request erasure of your personal data, for example; where our purposes for processing your personal data have come to an end; where you object to our processing of your personal data based on legitimate interests and we have no overriding legitimate grounds to continue to process your personal data; and where our processing was based on your consent which you have withdrawn.

We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal data, or if you have any questions or concerns regarding your personal data, you should contact us using the details below. You are also entitled to contact your local supervisory authority for data protection.