Privacy Policy of www.beyofiworld.com

This Website collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Access to third-party accounts

      • Facebook account access

        Permissions: Access Requests; Activities; Chat; Contact email

      • Twitter account access

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Advertising

      • Amazon Mobile Ads, Microsoft Advertising, Google Ad Manager and Google AdSense

        Personal Data: Cookies; Usage Data

      • Direct Email Marketing (DEM)

        Personal Data: first name; last name

      • Direct Marketing via SMS

        Personal Data: first name; last name; phone number

    • Analytics

      • Alexa Metrics, Google Analytics, Google Analytics with anonymized IP, Google Ads conversion tracking, Wordpress Stats and Twitter Ads conversion tracking

        Personal Data: Cookies; Usage Data

    • Backup saving and management

      • Backup on Dropbox and Backup on Google Drive

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Contacting the User

      • Contact form

        Personal Data: address; city; country; email address; first name; last name; phone number; state; User ID; website; ZIP/Postal code

      • Mailing list or newsletter

        Personal Data: email address; first name; last name

      • Phone contact

        Personal Data: phone number

    • Content commenting

      • Facebook Comments

        Personal Data: Cookies; Usage Data

    • Content performance and features testing (A/B testing)

      • Google Optimize

        Personal Data: Cookies; Usage Data

    • Data transfer outside the EU

      • Data transfer abroad based on consent, Data transfer abroad based on standard contractual clauses, Data transfer from the EU and/or Switzerland to the U.S based on Privacy Shield, Data transfer to countries that guarantee European standards and Other legal basis for Data transfer abroad

        Personal Data: various types of Data

    • Device permissions for Personal Data access

      • Device permissions for Personal Data access

        Personal Data: Call permission; SMS permission

    • Displaying content from external platforms

      • Google Site Search, Wistia widget and YouTube video widget

        Personal Data: Cookies; Usage Data

      • YouTube video widget without cookies

        Personal Data: Usage Data

    • Handling payments

      • Amazon Payments, Authorize.Net, PayPal and Stripe

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Hosting and backend infrastructure

      • Amazon Web Services (AWS) and Google Cloud Storage

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Infrastructure monitoring

      • Web Performance

        Personal Data: Cookies; Usage Data

    • Interaction with data collection platforms and other third parties

      • Mailchimp widget

        Personal Data: Cookies; email address; first name; last name; phone number; Usage Data

      • GetResponse widget

        Personal Data: Cookies; email address; first name; Usage Data

      • GetSiteControl Promo widget and Wufoo Widget

        Personal Data: Cookies; Usage Data

    • Interaction with external social networks and platforms

      • Facebook Like button and social widgets, Google+ +1 button and social widgets, PayPal button and widgets and Twitter Tweet button and social widgets

        Personal Data: Cookies; Usage Data

      • YouTube button and social widgets

        Personal Data: Usage Data

    • Interaction with live chat platforms

      • LiveChat Widget

        Personal Data: Cookies; Data communicated while using the service; Usage Data

    • Interaction with online survey platforms

      • SurveyMonkey Widget

        Personal Data: Cookies; Usage Data

    • Interaction with support and feedback platforms

      • Zendesk Widget

        Personal Data: address; email address; first name; last name; phone number

    • Location-based interactions

      • Geolocation

        Personal Data: geographic position

    • Managing contacts and sending messages

      • AWeber

        Personal Data: address; Cookies; email address; first name; last name; phone number; Usage Data

      • Mailchimp

        Personal Data: address; Cookies; date of birth; email address; first name; last name; phone number; various types of Data

    • Managing landing and invitation pages

      • Mailchimp Landing Page

        Personal Data: address; Cookies; email address; first name; last name; phone number; Usage Data

    • Managing support and contact requests

      • Zendesk

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Platform services and hosting

      • Shopify

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Registration and authentication

      • Facebook Authentication, Instagram Authentication, Log In with PayPal, Login with Amazon, Mailchimp OAuth, Pinterest OAuth, Stripe OAuth and YouTube OAuth

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Remarketing and behavioral targeting

      • Facebook Custom Audience

        Personal Data: Cookies; email address

      • Facebook Remarketing, Google Ad Manager Audience Extension, Google Ads Remarketing and Remarketing with Google Analytics

        Personal Data: Cookies; Usage Data

    • Social features

      • Inviting and suggesting friends

        Personal Data: various types of Data

    • SPAM protection

      • Google reCAPTCHA

        Personal Data: Cookies; Usage Data

    • Tag Management

      • Google Tag Manager

        Personal Data: Cookies; Usage Data

    • User database management

      • Infusionsoft

        Personal Data: various types of Data as specified in the privacy policy of the service

Further information about Personal Data

    • Personal Data collected through sources other than the User

      The Owner of this Website may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing.
      Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

    • Privacy Shield participation: data transfers from the EU and Switzerland to the United States

      The Owner participates in and complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union and Switzerland to the United States. The policies and rights outlined below are therefore equally and explicitly applicable to Users from Switzerland, except if stated otherwise. The Owner has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

      If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view the Owner’s certification, please visit https://www.privacyshield.gov/ (or find the direct link to the certification list of Privacy Shield participants maintained by the Department of Commerce https://www.privacyshield.gov/list).

      What does this mean for the European User?

      The Owner is responsible for all processing of Personal Data it receives under the Privacy Shield Framework from European Union individuals and commits to subject the processed Personal Data to the Privacy Shield Principles.

      This, most importantly, includes the right of individuals to access their personal data processed by the Owner.

      The Owner also complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, which means that it remains liable in cases of onward transfers to third parties.

      With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, the Owner is subject to the investigatory and regulatory enforcement powers of the FTC, if not stated otherwise in this privacy policy.

      The Owner is further required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

      Dispute resolution under the Privacy Shield

      In compliance with the Privacy Shield Principles, the Owner commits to resolve complaints about its collection or use of the User’s Personal Data. European Union individuals with inquiries or complaints regarding this Privacy Shield policy should first contact the Owner at the contact details supplied at the beginning of this document referring to “Privacy Shield” and expect the complaint to be dealt with within 45 days.

      In case of failure by the Owner to provide a satisfactory or timely response, the User has the option of involving an independent dispute resolution body, free of charge.

      In this regard, the Owner has agreed to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to data transferred from the EU. The User may therefore contact the Owner at the email address provided at the beginning of this document in order to be directed to the relevant DPA contacts.

      Under certain conditions – available for the User in full on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint) – the User may invoke binding arbitration when other dispute resolution procedures have been exhausted.

    • Selling goods and services online

      The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery.
      The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by this Website depends on the payment system used.

    • The Service is not directed to children under the age of 13

      Users declare themselves to be adult according to their applicable legislation. Minors may use this Website only with the assistance of a parent or guardian. Under no circumstance persons under the age of 13 may use this Website.

Contact information

    • Owner and Data Controller

      BEYOFI HAIR EXTENSIONS AND DESIGN SERVICES LIMITED
      85 Great Portland Street First Floor
      London
      W1W 7LT
      United Kingdom

      Owner contact email: support@beyofi.com