Privacy & security

WHAT PERSONAL DATA IS COLLECTED

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymised data). The personal information we may collect and store about you includes, but is not limited to, the following information: 

  • Title
  • Name and surname
  • Date of birth
  • Gender
  • Email address
  • Contact phone number(s)
  • Billing and delivery address  
  • Bank account and payment card details
  • Transaction data including purchase information and payment details
  • Technical data including IP address, log-in data and computer/device settings  
  • Interests, preferences and website usage data  
  • Interactions with us e.g. contacting our Customer Services Team (we may record your calls), or visits to our website
  • Personal information you put on social media
  • Information you provide in your reviews of us, or survey responses
  • Attendance at events (and travel preferences)
  • Information from cookies, including information on the devices you may use to make a purchase - please see our separate Cookies Policy

We may also use and share aggregated data, which may be derived from your personal data but due to the way the data is handled (by anonymising and/or combining it with other data) it is not considered by law to be personal data.  

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

THIRD-PARTY LINKS

The site may include links to third-party websites, plug-ins and applications. By clicking on those links or enabling those connections you may allow third parties to collect or share data about you. Please note that we do not control these third-party websites and are not responsible for their privacy statements. As such, we recommend that you read the privacy policy of every website you visit. 

CONTACT DETAILS

If you have any questions about this privacy policy or our privacy practices, please contact our DPO in the following ways:

Full name of legal entity: Missoma Limited

Email address: dpo@missoma.com

Postal address: FAO: Data Protection Officer, Missoma Limited, Studio 12, 2-4 Exmoor Street, London W10 6BD 

You have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”), the UK regulator for data protection issues (www.ico.org.uk). We hope, however, that any concerns you may have would be satisfactorily dealt with by us, so please contact us in the first instance.

HOW WE COLLECT YOUR PERSONAL DATA

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
  • apply for our products or services;
  • create an account on our website;
  • subscribe to our publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us feedback or Contact Us.
  • Automated technologies or interactions. As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our [cookie policy] for further details.
  • Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below.

Technical data from the following parties:

(a) analytics providers such as Google based outside the UK;

(b) advertising networks such as Facebook based outside the UK; and

(c) search information providers such as Google based outside the UK.

Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Paypal based outside the UK.  

Identity and Contact Data from data aggregators based inside or outside the UK.

 

YOUR PERSONAL DATA

Missoma.com (the “Site”) is owned and run by Missoma Limited. (“we”, “us” or “our”). Your privacy is taken very seriously and steps are taken to ensure your privacy is protected at all times. We also believe it is important to let you know what information is collected from the Site and why, and what we do with this information. 

At Missoma, we collect personal information about you. We are the controller and responsible for the information we may collect. We collect this information in order to provide a personalised experience catered to you, offer you competitions and promotions and to ensure that Missoma is able to continue to improve its standards and services. This also allows us to alert you to administrational, product or service changes, and for marketing purposes. We gather this information about you when you engage in the following ways: 

  • You register with, or subscribe to, missoma.com and marketing channels. 
  • You use our online services and place orders. 
  • You sign up to competitions or special offers. 
  • You interact with us online via social media, digital advertising on our, or any other, website where Missoma are represented. 
  • You ask for information, provide a testimonial or feedback, comment on blogs and articles that are represented by Missoma. 
  • You attend an event hosted by us, or where we are acting as sponsor. 

This website is not intended for children and we do not knowingly collect data relating to children. If you are under the age of 16, you must inform a parent or guardian about our privacy policy and obtain their agreement to this privacy policy before using any of our online services, including, but not limited to, registration with Missoma, subscribing to our newsletter, or placing an order with us.

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, please contact the DPO using the details set out below.

WHY WE'RE ALLOWED TO HANDLE AND STORE YOUR PERSONAL DATA

  1. Consent

If you visit the Site and are not already an existing customer, we might ask for your consent to process your data, so that we can send you our special offers and news.

    2. Contractual obligations

For example, in order to allow us to fulfil an order when you purchase our products.  

    3. Legal compliance

In some circumstances, we may be legally required to collect and process your data e.g. to pass it on to the police if criminal activity is suspected.

    4. Legitimate Interest

It may be necessary to use your data to help us run and improve our business. For example, to personalise the services we provide, or to improve our internal processes. We will only use your data in these instances, where doing so does not materially impact your rights, freedom or interests. 

We will only use your personal data when the law allows us to. Most frequently, we will use your personal data to fulfil a contractual obligation, or where we have a legitimate interest.  

Generally, we do not rely on consent as a legal basis for processing your personal data. However, if you are not already a customer, we will get your consent before sending third party direct marketing communications to you via email or text message. In the event you do not wish for us to use ‘Your Personal Data’ for marketing purposes, please either: 

  • Click on the ‘Unsubscribe’ link in the emails we have sent you (if any).
  • Contact our Customer Service Team here Contact Us if you wish to be removed from our marketing database.
reason for processing type of personal data basis for processing

Registering new customers

(a) Name

(b) Contact details

Contractual obligation

Processing and delivering an order, including payment processing and recovery and carbon off-setting.

(a) Name

(b) Contact details

(c) Financial information

(d) Transaction information

(a) Contractural obligation

b) Necessary for our legitimate interests (to recover debts due to us, to track and off-set our carbon emissions)

Managing our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Name

(b) Contact details

(c) Profile

(d) Marketing and Communications preferences

(a) Contractual obligation

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

Running prize draws, competitions and surveys

a) Name

(b) Contact details

(c) Profile

(d) Usage

(e) Marketing and Communications preferences

a) Contractual obligation

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

Administering and running our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Name

(b) Contact details

(c) Technical data

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

Delivering relevant website content and advertisements to you and understand how helpful that advertising is  

(a) Name

(b) Contact details

(c) Profile

(d) Usage data

(e) Technical data

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

Using data analytics to improve our website, products/services, marketing, customer relationships and experiences

(a) Technical data

(b) Usage data

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

(a) Name

(b) Contact details

(c) Technical data

(d) Usage data

(e) Profile

(f) Marketing and Communications preferences

Necessary for our legitimate interests (to develop our products/services and grow our business)

SHARING YOUR DATA WITH THIRD PARTIES

We share your data with the following categories of third parties:

  • Service providers who provide IT, finance, logistics and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers.  
  • HM Revenue & Customs, regulators and other similar authorities.
  • Marketing agencies and researchers.  

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Ordinarily we do not allow the transfer of your data out of jurisdiction. In the rare event that this is necessary, we will ensure that your data is provided with a similar degree of protection as is afforded in your jurisdiction and that the transfer is compliant with all local laws.  

The site may use a pixel operated by Teads, after obtaining your consent, in order to optimize our advertising campaigns. This pixel only collects information regarding the URL address, the types of device, browser and operating system information you currently use. For more information, feel free to read Teads privacy policy. Please also note that you have the right to access personal data Teads hold about you and to ask that your personal data be corrected, erased, or transferred. You may also have the right to object to, or request that Teads restricts certain processing by addressing your request at dpo@teads.com. 

We use a third-party service provider to serve advertisements and/or collect data on our behalf across the Internet and sometimes on this site. Some of these service providers may collect information about your visits to our site, and your interaction with our products and services to tailor marketing messages on this site and other sites or to trigger real time interaction, customise this site or enhance your profile. Some of these service providers may be able to collect personal information that you share with this site via a web form automatically and prior to your pressing a submit button; and they may be able to use information from your visits to this site to send marketing messages to you in a way that may personally identify you. This information is collected through the use of a cookie, a javascript tag and/or pixel, which is industry standard technology used by most major websites.   The information collected by these service providers may include your devices IP address, user agent, email addresses (where hashed or otherwise rendered pseudonymous) and other user and device level pseudonymous information. Please keep in mind that your browser settings may not permit you to control the technologies utilised by these third-party companies. If you would like more information about these practices, please click: http://optout.aboutads.info/#!/ or Contact Us.  

We use a third-party referral programme called Mention Me. If you choose to interact with Mention Me, they will process your email address and certain other data for the purposes of:-

  • Enrolling you onto our refer-a-friend programme.
  • Monitoring the programme and safeguarding against gaming or fraudulent use of the programme.
  • Communicating with you in connection with the operation of the programme and delivery of rewards.
  • Reporting on the performance of the programme

 

Mention Me will also use functional cookies if you choose to interact with the refer-a-friend programme. For more information regarding Mention Me cookies and how they are used you can see Mention Me's own privacy policy via this link: https://mention-me.com/help/privacy_policy_s#cookies

MARKETING AND PROMOTIONS

We may use your personal data to send you marketing and promotional information if you have:

  • requested information from us; or
  • purchased goods from us; and  
  • you have not opted out of receiving that marketing.

CHANGE OF PURPOSE

We only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. 

Please note that we will only process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. 

HOW WE KEEP YOUR DATA SAFE

We ensure that your personal data is protected by the appropriate security measures to prevent accidental loss, unauthorised use, alteration or disclosure. In addition, we only share your personal data with those employees, or third parties who have a business need to know. These individuals and entities are subject to duties of confidentiality and will only process your data on our instructions.  

OPTING OUT

You can opt of out Missoma or third-party marketing communications at any time by following the opt-out links on any marketing message sent to you, or by contacting us here CONTACT US at any time.

Where you opt out of receiving these marketing messages, this will not apply to any personal data provided to us as a result of purchasing our goods or any other transactions with us.

FAILURE TO PROVIDE PERSONAL DATA

If you do not provide personal data to us in the case where it is needed by law, or under the terms of a contract we have with you, we may not be able to perform the contract we have, or are trying to enter into, with you (for example, to fulfil your order). In this case, we may have to cancel your order, but we will notify you if this is the case at the time.

YOUR RIGHTS IN RELATION TO OUR STORAGE OF YOUR PERSONAL DATA

You have various rights when it comes to your data including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

For more information on these rights, please see the ICO’s website Individual rights | ICO 

KLARNA

In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details.

Klarna will assess whether you qualify for their payment options and to tailor the payment options for you.

General information on Klarna you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna's privacy policy.

CALIFORNIA CONSUMER PRIVACY ACT

In order to satisfy the California Consumer Privacy Act (“CCPA”) and other relevant legislation, we are required to provide specific information for residents of California. You should also refer to the rest of this policy, which provides the requisite detail concerning: 

  • the kind of personal data we collect;
  • the purposes for which we use the data; and
  • where we disclose this information to third parties.

In the preceding twelve months, we have not sold any personal information belonging to consumers.

California consumers may have the right (at no charge, up to twice every 12 months, subject to certain exceptions) to make requests regarding the following:

  • the categories of personal data we collected about you;
  • the categories of sources for the personal data we collected about you;
  • our business or commercial purpose for collecting that personal data;
  • the categories of third parties with whom we share that personal data;
  • the categories of personal data that each recipient received; and
  • the specific pieces of personal data we collected about you

You also have the right, subject to certain exceptions defined in the CCPA and other applicable laws and regulations, to request that a company delete any of your personal data that it has collected from you and retained, subject to certain exceptions. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by contacting us here.

Your request must:

  • Provide sufficient information that allows us to reasonably verify, that you are the person about whom the personal data concerns. This may include requesting that you provide us with at least two or more pieces of personal data to match against personal data about you that we may or may not maintain and which we have determined to be reliable for the purpose of verification.
  • Describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We do not discriminate against consumers for exercising their rights under the CCPA.

HOW LONG WE KEEP YOUR PERSONAL DATA

We will retain the data until the time at which you decide to ‘unsubscribe’, or as long as is necessary for the purpose for which it was collected (subject to legal obligations).  

You can check the information that we hold about you by contacting us here Contact Us or by writing to us at FAO: The DPO, Missoma Limited, Studio 12, 2-4 Exmoor Street, London, W10 6BD. We will provide this information within 40 calendar days of receipt of the information request. If you find any inaccuracies we will delete or correct it promptly. The personal information which we hold will be held securely in accordance with our internal security policy and the law.  

COOKIES

We may use technology to track the patterns of behaviour of visitors to our site. This can include using a cookie internet file, a small file that is sent by our web server to your computer, which we can access when you make return visits to our website.

Storing cookies is usual practice for any website that needs to remember what its users’ preferences are and we use cookies to keep track of your selections on the website. You can usually modify your browser to prevent this happening (www.aboutcookies.org) for more information on this.

If you choose not to receive cookies, you may still use most of the features on our website, including the ability to purchase items.

In line with the ICC UK Cookie Guide, four types of cookies function online:

CATEGORY 1: STRICTLY NECESSARY COOKIES

These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for, like shopping baskets or e-billing, cannot be provided.

CATEGORY 2: PERFORMANCE COOKIES

These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.

CATEGORY 3: FUNCTIONALITY COOKIES

These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by storing in a cookie the region in which you are currently located. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

CATEGORY 4: TARGETING COOKIES OR ADVERTISING COOKIES

These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.

You can delete existing cookies from your web browser and choose not to receive cookies in the future. This can be done by editing your web browser options. Please note that if you disable cookies, certain functionalities of the website may be affected.

SECURITY POLICY

To process an order, we need your credit / debit card number and expiry date, plus any security details that the credit card processor may require. Missoma employs trusted and reputable third-party hosting agents and payment providers to ensure the security of personal data. All credit card details that are given to us by you the customer are done so on a secure server using Shopify Payments. The transfer of the purchase details from our site to Shopify Payments are encapsulated using their encrypted and digitally-signed protocol. This uses a combination of standard methods to ensure that the information passed is secure and tamper-proof. Shopify Payments is PCI DSS compliant and is regulated by qualified security assessor Trustwave. Please note, we do not store any financial information from you. Alternatively, you may process an order using Paypal, Apple Pay, Google Pay or Amazon Pay.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time. Any material changes we may make to our Privacy Policy will be updated on the Privacy & Security section of our Site. Please review it occasionally to remain informed and updated. If your personal details change or if you have any queries about how we use your personal data, please notify missoma.com by contacting us here, or by writing to us at FAO: The DPO, Missoma Limited, Studio 12, 2-4 Exmoor Street, London, W10 6BD.