Last updated: June 2021 version: 202106_02
We take your privacy very seriously. We are committed to respecting your privacy and complying with applicable laws and regulations to ensure that the personal information you give us is kept appropriately secure and processed fairly and lawfully.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services we offer to individuals and our wider operations in the European Economic Area (EEA).
Given the nature of our website, we do not expect to collect the personal data of anyone under 13 years of age. If you are aware that any personal data of anyone under 13 years of age has been shared with our website please let us know so that we can delete that data.
If you are under 13 or a minor in your country or state or region of residence, please ask your parent or legal guardian to provide their information for you.
- What this policy applies to
- Personal data we collect about you
- How your personal data is collected
- How and why we use your personal data
- Who we share your personal data with
- Retention and Deletion Of your personal data
- Transferring your personal data out of the UK and EEA
- Your rights
- Keeping your personal data secure
- How to complain
- How to contact us
What this policy applies to
Our website may contain links to other websites owned and operated by certain trusted third parties. Those other third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third party websites, we advise you to consult their privacy policies as appropriate.
Personal data we collect about you
The personal data we collect about you depends on the particular activities carried out through our website. We will collect and use the following personal data about you:
- your name, address and contact information, including email address and telephone number
- information to check and verify your identity, eg date of birth
- your gender, if you choose to give this to us
- location data, if you choose to give this to us
- your billing information, transaction and payment card or other payment method information
- bank account and payment details
- details of any information, feedback or other matters you give us by phone, email, post or via social media
- your account details, such as username and login details
- your activities on, and use of, our website
- your personal interests
- information about the services we provide to you
- your contact history, purchase history and saved items
- information about how you use our website and technology systems
- your responses to surveys, competitions and promotions
If you do not provide personal data we ask for where it is indicated to be ‘required’, it may delay or prevent us from providing products and services to you.
We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below.
How your personal data is collected
We collect personal data from you:
- directly, when you enter or send us information, such as when you register with us, contact us (including via email), send us feedback, purchase products or services via our website, post material to our website and complete customer surveys, and
- indirectly, such as your browsing activity while on our website; we will usually collect information indirectly using the technologies explain in the section on ‘Cookies’ below
How and why we use your personal data
Under data protection law, we can only use your personal data if we have a proper reason, eg:
- where you have given consent
- to comply with our legal and regulatory obligations
- for the performance of a contract with you or to take steps at your request before entering into a contract, or
- for our legitimate interests or those of a third party
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ below).
(1) Personal data you share with us
We use the personal data you share with us in order to perform our obligations under any contract we have with you, and specifically to:
- create and help you manage your Flexispot account with us;
- provide you with our Flexispot products and to fulfil orders that you place with us on our website;
- allow you to return your Flexispot product, if you change your mind;
- respond to your questions and requests; and
- send you information on any changes we make to our policies or terms.
Where you have given us your consent to contact you, we will use your personal data to:
- send you newsletters, marketing communications, products update and suggestions on how to care for your Flexispot product;
- send you an invite to our sample sale if you have subscribed to it; and
- notify you of other Flexispot products we think you might like based on your previous purchases.
You can withdraw your consent at any time.
We use our legitimate interests to enhance your customer experience and provide the best in class service; therefore we will:
- remind you of what you may be missing if you have put items in your "Shopping Bag" on the website and then abandoned them;
- send you surveys for feedback on our services to enhance your customer experience; and
- keep track of your requests and interactions with our customer service, via LiveChat, telephone calls or direct email.
We comply with our legal and regulatory obligations, therefore we will:
- communications with you not related to marketing, including about changes to our terms or policies or changes to the products and/or service or other important notices;
- protecting the security of systems and data;
- disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business, eg to record and demonstrate evidence of your consents where relevant;
- we may need to share your personal data with members of our group and third parties in connection with a significant corporate transaction or restructuring. In such cases information will be anonymised where possible and only shared where necessary. (see ‘Who we share your personal data with’ below).
(2) Personal data we collect about you
We use the personal data we collect about you for our legitimate interests so that we can:
- conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us；
- tailor the way that you interact with us in the future, such as tailoring certain emails and also show you certain adverts, products or offers in which we think you may be interested, on our website and on certain third party websites (including on social media);
- customise our website and its content to your particular preferences based on a record of your selected preferences;
- retaining and evaluating information on your recent visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive or to check our website is working as intended;
- analyse how our website is used, so that we can constantly improve the services that we offer; and
- analyse your feedback, and understand your expectations on our products or services to optimize your customer experience;
Not all of the information used for these purposes is "personal data"; some of it is anonymised or used on an aggregate basis.
(3) Personal data we receive from other sources
We use the personal data we receive from other sources for our legitimate interests so that we can develop an understanding of what people think about our products and services, so that we can constantly improve them.
If you have opted-in for marketing communications from one of our Flexispot franchise partners, this includes an opt-in for marketing communication from us. You can change your preferences at any time by contacting us on [email protected], or by calling us on +44 204 5187 138, or by using the unsubscribe option in each e-mail, or via your online Flexispot account “My Flexispot”.
See ‘Who we share your personal data with’ for further information on the steps we will take to protect your personal data where it needs to be shared with others.
We may use your personal data to send you updates (by email, text message, telephone or post) about our products, including exclusive offers, promotions or new products.
We have a legitimate interest in using your personal data for marketing purposes (see above ‘How and why we use your personal data’). This means we do not usually need your consent to send you marketing information. However, where consent is needed, we will ask for this separately and clearly.
You have the right to opt out of receiving marketing communications at any time by:
- contacting us at [email protected]
- using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts, or
- updating your marketing preferences on our cookie-setting
We may ask you to confirm or update your marketing preferences if you ask us to provide further products in the future, or if there are changes in the law, regulation, or the structure of our business.
We will always treat your personal data with the utmost respect and never share it with other organisations outside the Flexispot group for marketing purposes.
For more information on your rights to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.
Who we share your personal data with
We routinely share personal data with:
- third parties we use to help deliver our products AND/OR services to you, eg payment service providers, warehouses and delivery companies;
- our banks;
- other companies in the Flexispot Group or other third parties for operational and business reasons, eg marketing agencies or website hosts and website analytics providers
We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We or the third parties mentioned above may occasionally also need to share personal data with:
- external auditors, eg in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations
- professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations
- law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations
- other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
Retention and Deletion Of your personal data
We will only keep your information as long as you remain an active customer and for 5 years afterwards or otherwise as required for our business operations or by applicable laws. Recordings of calls to Customer Service are retained for 6 months. We may need to retain certain personal information even once a customer account has been closed or deleted to enforce our terms, to comply with legal or regulatory obligations, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. We may also retain a record of any stated objection by you to receiving Flexispot updates for the purpose of ensuring we can continue to respect your wishes and not contact you further.
Your personal information will be deleted or destroyed in a manner that cannot be restored or reproduced.
Transfers of your personal data out of the UK and EEA
The personal data that we collect about you may be transferred to, accessed, used or stored in, a country outside the UK and/or outside the European Economic Area ("EEA"), either by us or by any of the third parties with whom we share your personal data.
For example we will transfer your personal data to:
•our service providers located outside the UK in Hong Kong
For further information about such transfers and the safeguards we employ, please contact us (see ‘How to contact us’ below).
You generally have the following rights, which you can usually exercise free of charge:
- Access to a copy of your personal data
The right to be provided with a copy of your personal data
- Correction (also known as rectification)
The right to require us to correct any mistakes in your personal data
- Erasure (also known as the right to be forgotten)
The right to require us to delete your personal data—in certain situations
- Restriction of use
The right to require us to restrict use of your personal data in certain circumstances, eg if you contest the accuracy of the data
- Data portability
The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
- To object to use
The right to object:
—at any time to your personal data being used for direct marketing (including profiling)
—in certain other situations to our continued use of your personal data, eg where we use your personal data for our legitimate interests.
- Not to be subject to decisions without human involvement
The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
We do not make any such decisions based on data collected by our website.
For further information on each of those rights, including the circumstances in which they apply and circumstances in which they do not apply, please contact us (see ‘How to contact us’ below).
If you would like to exercise any of those rights, please email, call or write to us—see below: ‘How to contact us’. When contacting us please:
- provide enough information to identify yourself including your full name, address and customer or matter reference number and any additional identity information we may reasonably request from you, and
- let us know what right you want to exercise and the information to which your request relates
Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
How to complain
Please contact us if you have any query or concern about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
How to contact us
You can contact us at [email protected] or you can contact our Data Protection Officer (DPO) at [email protected] Alternatively, you can write to the DPO or Flexispot Legal Department at FLEXISPOT LIMITED,Tricor Suite,4th Floor, 50 Mark Lane,London EC3R 7QR,United Kingdom. If you wish to contact us by telephone, Flexispot Customer Service offers global assistance 24-hours a day, seven days a week, and can be contacted on +44 204 5187 138
Individuals within the EEA can contact us direct (see above) or contact our EU Representative Flexispot GmbH at [email protected]