Privacy Policy.
Deborah Harvey ™ Skincare
PRIVACY POLICY - UK
JUNE 2025
At Deborah Harvey ™ Skincare, we are committed to protecting your personal data and respecting your privacy. It is your personal data, and we respect that.
This Privacy Policy tells you about how and why we collect and use the personal data which you provide to us or which we collect about you when you interact with us, for example, when you use our website.
In this notice, when we refer to ‘Deborah Harvey ™’, "us", "we" or "our", we mean Deborah Harvey ™ Skincare and, where applicable, any entities owned or controlled by Deborah Harvey ™ Skincare and which provide you with the Deborah Harvey ™ website or which are responsible for stands or events in your country.
We want you to be fully informed about how we use your personal data, how we keep it secure and your rights in relation to that personal data. We trust this Privacy Policy will answer any questions you have about how we handle your personal data, but if not, please do get in touch with our DPO directly at owner@deborah.harvey.co.uk .It is likely that we will need to update this Privacy Policy from time to time by updating this page. We will notify you of any significant changes but would encourage you to come back and review it from time to time.
ABOUT US - WHO IS Deborah Harvey ™ Skincare?
This Privacy Policy is provided by Deborah Harvey ™ Skincare. When you place an order via the Websites or interact with us online, you are contracting Deborah Harvey ™ Skincare.
ENSURING THE LAWFUL USE OF YOUR PERSONAL DATA
We will only use your personal data where we have a lawful basis to use it. In particular, we will use your personal data in the following circumstances:
• We will use your personal data where it is necessary for us to perform our contract with you (for example, to fulfil your order).
• We may also use your personal data to pursue our legitimate interests (or those of a third party) in a way which might reasonably be expected as part of running our business, and which does not materially impact your interests, rights or freedoms. For example, we might use your purchase history to send you personalised offers or use your shopping history to identify trends and ensure we can keep up with demand of products for our customers.
• We may sometimes need to use personal data to comply with our legal obligations (for example to pass on details related to fraud).
• In some instances, we will ask for your consent to use your personal data, for example, where you sign-up to receive our email newsletters. You can withdraw your consent at any time by letting us know (see "Your Rights" section below).
Please get in touch with us using the contact details provided at the end of this Privacy Policy if you would like further information about why we are using your personal data.
WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND HOW DO WE USE IT?
The personal data we collect about you and how we will use it, depends on how you interact with us, for example, if you place an order on our Website, contact us with a query by email or phone, to make a purchase.
Certain categories of personal data, such as information relating to racial or ethnic origin, health data, genetic data or biometric data (meaning personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of individuals, such as facial or iris scans or voice recognition systems) are classified as “special categories of data” and benefit from additional protection under data protection legislation.
We only collect and use 'special category data' where you have provided us with your consent for us to do so. In some instances, you may have requested services or products that do not directly involve the collection of any special categories of data, but may imply or suggest your religion, health or other special categories of data.
When we send email marketing to you, our email marketing provider, may collect data about the locations from which you access and interact with those emails and the website pages you visit through links embedded in those emails. Our email marketing provider shares that information with us, which can help us to tailor our marketing to you, for example, by telling you about an event or promotion available at a location which is near to where you frequently interact with our emails and linked website pages.
We use analytics tools to measure the effectiveness of our marketing, understand how customers interact with us on our website and online, and to build a clearer picture of our customers and their motivations.
The table below provides some examples of the information we collect about you and how we will use it. The personal data we collect from you How we use it Lawful Basis We will collect the personal data needed to identify you, such as your name, username, password and date of birth. We will also collect your contact details, such as your email address, mobile phone number, telephone number and billing/delivery address. To fulfil your order, for example, by delivering your products to you or to contact you about your order where necessary. We may also share this information with third party delivery and courier services such as The Royal Mail to enable us to fulfil your order. Performance of our contract with you.
To allow you to create an account with us. Legitimate interest (to operate our business and administer the service we offer to you).
To send you email newsletters to keep you up to date about our products and services which we think will interest you and our latest offer. Legitimate interest (to develop our products/services and grow our business).
Where you consent (where consent is required under applicable law).
To send you information with your Order to keep you up to date about our products, services and our latest offers which we think will interest you. Legitimate interest (to develop our products/services and grow our business).
To allow you to book an appointment with us or to attend an event.
Performance of our contract with you.
Legitimate interest (to administer our service to you).
So that you can enter competitions, events or prize draws run by us.
Legitimate interest (to develop our products/services and grow our business).
To communicate with you in relation to your order or booking, or if you raise an enquiry or complaint with us.
Performance of our contract with you
Legitimate interest (to administer our service to you).
To allow you to complete any surveys we send you (if you wish to) or to comment on or review our products or service, to help us to improve them.
Legitimate interest (to study how customers use our products/services).
Fraud prevention and detection. Legal obligation.
Legitimate interest (to prevent and detect fraud, other crime or incidents).
To email you to inform you when a product you want to order is back in stock. Legitimate interest (to develop our products/services and grow our business).
Where you consent (where we are required to obtain consent under applicable laws).
Payment details and details of your transactions. To take payment of your order and, if required, to give refunds. We do not store any payment card numbers once the transaction has been completed. We will share this data with credit card companies and other payment providers.
Performance of our contract with you. Fraud prevention and detection. Legal obligation.
Legitimate interest (to prevent and detect fraud, other crime or incidents).
Information you provide to us when you contact us by telephone, by email, by post or on social media, via our Website, including your telephone phone number, mobile phone number, email address, social media profile/handle and image, as applicable.
Provide you with the support and customer service you have requested. Performance of our contract with you.
Legitimate interest (to meet your needs or requests, manage complaints and resolve any disputes).
Technical information about your equipment, browsing actions and patterns. Information about how you use the Website and pages on the Website, such as the pages and links you access, the time you access them and the duration, and choices you make when using the Website.
To administer and to improve our Website, to ensure it is presented in the most effective manner for you and to give you the best Website experience and to allow you to participate in interactive features of our Website if you choose to do so. Legitimate interest (to improve your experience when you shop and to keep our website updated and relevant).
For data analysis, testing, research and statistical statistics to help us to improve our products and services.
Legitimate interest (to improve your experience when you shop and to keep our website updated and relevant).
To keep our Website safe and secure.
Legal obligation
Legitimate interest (to prevent and detect crime and other incidents).
To make suggestions and recommendations to you and other users of our Website about products or services that may interest you or them.
Where you consent (where we are required to obtain consent under applicable laws).
Legitimate interest (to inform you about products and services that may interest you).
To provide you with information about and remind you about the products and services that you have looked at on our Website.
Where you consent (where we are required to obtain consent under applicable laws).
Legitimate interest (to manage and improve your shopping experience).
To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you. Where you consent (where we are required to obtain consent under applicable laws).
Legitimate interest (to manage and improve your shopping experience).
To identify behavioural flows from emails we send to you, so that we are able to monitor and analyse the effectiveness of those emails. Where you consent (where we are required to obtain consent under applicable laws).
Legitimate interest (to manage and improve your shopping experience).
Additional information you choose to provide us, including your birthday.
Legitimate interest (to manage and improve your shopping experience).
Personal data provided in audio or video recordings, such as when you call us, customer care calls or online consultation services To improve and monitor our services and for learning and development, training and quality purposes. Legal obligation
Legitimate interest (to manage the way in which we deliver our service to you).
Performance of our contract with you.
Social media handles Where you have provided us with your social media handle to participate in a Deborah Harvey ™ Skincare programme or similar, to enable us to identify and view your social media account(s). Legitimate interest (to manage and improve your shopping experience).
You don’t have to give us any of the personal data set out above but, if you don’t provide us with certain information, we may not be able to provide you with the goods and services you have requested from us. The forms you fill in on our Websites will make it clear what information we need in order to provide the product or service you are requesting and what information you can choose to provide if you wish.
AUTOMATED DECISION MAKING AND PROFILING
When we send or display personalised communications or content, we may use a technique known as "profiling". This means any form of automated processing of personal data to evaluate certain aspects about an individual, in particular to analyse or predict aspects concerning their personal preferences, interests, economic situation, reliability, behaviour, location, or movements. This means that we may collect personal data about you in the different scenarios described in the table above, and use that data to analyse, evaluate, or predict your personal preferences, interests, behaviour and/or location.
You may in some circumstances have the right to request that we don’t use your personal data in this way. Please see "Your Rights" section of this privacy policy below.
SHARING YOUR PERSONAL DATA
SHARING YOUR PERSONAL DATA WITH TRUSTED THIRD PARTIES
We share your personal data with trusted third parties to allow us to provide our services to you. When we do share your personal data with these third parties we only provide the information they need to perform the service. We have written contracts in place with them to ensure they only use your personal data for the purpose we specify to them and that your privacy is secure and respected. These trusted third parties include the following:
MARKETING SERVICE PROVIDERS
Your personal data, which includes but is not limited to demographic information, transaction history, and online behaviour, may be shared with selected marketing service providers for the purposes of the following and is typically known as data profiling:
• helping us better understand the likely characteristics of our customers.
• creating predictive models that can offer suggestions and recommendations to you and other users about products or services that may interest you or them. and
• helping us to communicate with our customers more effectively offline and online. This may mean that you receive tailored advertising via direct mail or when you visit a website.
To ensure the security and protection of your data, all information shared with any marketing service providers will be transformed into a non-readable format. This means that your identifiable information will be removed and replaced with pseudonymous identifiers or encrypted tokens.
The marketing service providers may have the capability to match the data we share with them with data from their or other third-party sources. For example, combining the non-readable data received from us with data collected from various reputable sources to gain more comprehensive insights into consumer behaviour and preferences.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
We will only keep your personal data for as long as we need to for the reason we collected it, as set out in this Privacy Policy. For example, for as long as needed to allow us to fulfil your order or to provide any customer services support you have requested or for as long as you hold an account with us.
We may also keep hold of some of your personal data if we are required to do so for legal purposes, for example, to meet our legal or regulatory requirements or to prevent fraud and abuse, or for tax and accounting purposes. For example, we will keep your order data for five years after you place an order with us to allow us to comply with our legal obligations.
When we are no longer required to keep your personal data, your data will either be deleted or completely anonymised.
ENSURING YOUR PERSONAL DATA IS UP TO DATE AND CORRECT
It is important that the personal data we hold about you is accurate and current. If you have an account with us, please keep your details up to date.
SECURITY
We are committed to ensuring that your personal data is secure and we have put in place suitable physical, electronic, contractual and managerial procedures, including our Information Security Management System
THIRD PARTY LINKS
Our Website may contain links to other websites of interest that are not run by us but by third parties. However, we do not have any control over these third-party websites, and they will be governed by their own privacy policies and terms and conditions, not this Privacy Policy. You should review the privacy notices and terms and conditions of any other websites that you use.
HOW CAN I UNSUBSCRIBE FROM MARKETING COMMUNICATIONS?
We love keeping you up to date by email about our latest products, services, offers and events, subject to your marketing preferences. However, if you decide that you don’t want to receive these communications at any point, you can unsubscribe at any time as follows:
To unsubscribe from emails, click on the 'unsubscribe' button on the bottom of any email we send you. If you have an account with us, you can also unsubscribe by going to the Account Information page on the Deborah Harvey ™ Skincare website.
YOUR RIGHTS
You have the following rights in relation to the personal data we hold about you:
The right to insist that companies who hold your personal data are fair and transparent about how and the manner in which they process and use your personal data. This is why we provide you with this Privacy Policy.
The right to access the personal data we hold about you (commonly known as a "data subject access request") including obtain a copy of it. There are some exemptions, which means you may not always receive all the information we process, for example if the records contain personal data of other individuals.
The correction of the personal data that we hold about you if it is incomplete or inaccurate (although if you hold an account with us, you may be able to do this in certain cases yourself by visiting the Account Information page on the Deborah Harvey ™ Skincare website).
The deletion or removal of personal data we hold about you where there is no good reason for us continuing to process it. If you have successfully exercised your right to object to us processing your personal data or if we have processed your personal data unlawfully or we are required to stop processing your personal data as a matter of local law, then you can ask us to delete your personal data.
For our processing of your personal data to be restricted if: (i) you want to make sure the personal data is accurate; (ii) where our use of the personal data is unlawful but you don't want us to erase it; (iii) where you need us to hold the personal data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.
You can ask us to transfer your personal data to a third party, but this right only applies to automated information you initially allowed us to process.
The right to withdraw consent. If we process your personal data on the basis of your consent, then you can withdraw your consent, and we must cease processing it in future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
We may need to ask you for specific information to help us confirm your identity before dealing with your request. This is a security measure to ensure your personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Right to Object
Where we are processing your personal data on the basis of our legitimate interests, you can ask us to stop processing it and we must do so unless we believe we have an overriding legitimate reason to continue processing your personal data.
If you are dissatisfied with how we have handled your personal data, you have the right to make a complaint to your data protection regulator.
In the UK, this is the Information Commissioner's Office (ICO). You can make a complaint to the ICO by calling their helpline on 0303 123 1113 or on their website at www.ico.org.uk/concerns.
We would, however, appreciate the chance to deal with your concerns before you approach your data protection regulator, so please do contact us in the first instance.
CHILDREN
Customers need to be over the age of 18 to create an account with us. We will not knowingly collect personal data about under 18s and if you are under 18, please do not provide us with your personal data. We would ask parents to please ensure that their children that are under 18 do not provide us with any personal data without their permission. If you believe that a child who is under 18 has provided personal data to us, please contact us, using the details below and we will seek to delete that data from our systems.
CONTACTING US
If you have any questions about our Privacy Policy, need to make a request, or have a complaint, you can reach us by:
Email: owner@deborahharvey.co.uk
Post: Deborah Harvey. 35 The Meadow Way, Harrow, Middx. HA3 7BP
Online: Use our Customer Contact form