Privacy policy
What information do we collect?
When you interact with us, we may collect your name, address, email address(es), telephone number(s), and, where appropriate, date of birth.
How do we collect information?
We collect data when:
- You create an account or make a purchase
- You subscribe to our newsletter or participate in promotions
We may also collect data from third-party services with your consent
Confidentiality
We will not be responsible for the privacy of data collected by websites not owned or managed by Charity, including those linked through our website.
Making a complaint
If you are not satisfied with the response, please contact us at [email protected] with the details explaining your concerns. We will review your complaint and investigate if the right procedures have been followed and respond back to you as appropriate. We aim to complete this investigation within 15 working days of receiving your complaint, however, in some cases it may take longer. If you are still unsatisfied with the response, you may contact us.
Purpose of this Privacy Policy
Fyer Ltd respects your privacy and is committed to protecting your personal data. This privacy policy aims to give you information on how Fyer Ltd collects and processes your personal data through your use of this website, including any data you may provide through this website.
This Privacy Notice has been prepared in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”).
Any questions relating to this Privacy Notice or requests in respect of personal data should be directed to [email protected]
This website is not intended for children, and we do not knowingly collect data relating to children.
It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
Data Protection and security
We implement security measures like SSL encryption to protect your data. Your payment details are processed securely by our payment provider (located in Cyprus), which complies with data protection laws.
International data transfer
We work with third parties so that they can process your requests for delivery of the products you have purchased from the company or to process your personal data on our behalf and only where they meet our standards on the processing of data and security. By using our services, you consent to the transfer of data to countries outside Lebanon. We ensure compliance with relevant data protection regulations, using Standard Contractual Clauses (SCCs) where necessary.
Data Retention
We retain your data as long as needed for legal and business purposes. This could include one of the ways specified in “How we use your personal information” and for one of these reasons:
- To respond to any questions or complaints
- To maintain records according to rules that applies to us
- Το defend legal claims
- To provide after sales service for the products you have purchased from us.
For deletion requests or inquiries, contact [email protected]
Cookies and Tracking Technology
We use cookies to enhance your experience and track website usage. You can manage cookie preferences via your browser settings. We ensure compliance with GDPR for cookies.
Your Rights
You can:
- Access, update, or delete your data.
- Unsubscribe from promotional emails at any time.
- Withdraw cookie consent via browser settings.
For any data requests, contact us at [email protected]
Changes to Privacy Policy
We may update our Privacy Policy to ensure compliance with any updates to privacy and data protection laws. Any changes will be sent via email with an updated date for your review.
Cookie Consent Banner:
Under the GDPR, there is no mention of a specific language that must be used.
However, we have included the relevant Articles of the GDPR regulating user consent and cookie usage.
Please note that Recital 30 states that “Natural persons may be associated with online identifiers … This may leave traces which … may be used to create profiles of the natural persons and identify them”. Therefore, cookies can be considered personal data under the GDPR.
Therefore, a valid GDPR consent for cookies has the same conditions as the consent needed for using any other personal data.
- Article 4, ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
This can be given by a written statement, including by electronic means. This could include ticking a box when visiting an internet website or another statement or conduct which clearly indicates in this context the data subject’s acceptance of the proposed processing of his or her personal data. Silence, pre-ticked boxes or inactivity should not therefore constitute consent. The consent should cover all processing activities carried out for the same purpose or purposes. When the processing has multiple purposes, consent should be given for all of them.
Cookies clause:
As with most websites, fyerswims.com uses cookies in order to obtain access to certain information each time you use a web browser to access our online store. Cookies are alphanumeric files that we store on the hard drive of your computer via your internet connection in order to offer you services such as the ones outlined above. You can manage cookies via your browser settings by selecting to prevent your browser from accepting cookies or setting it to ask you each time a new cookie is installed on your hard drive. However, you should be aware that should you choose to block cookies from being stored on your hard drive, you will not be able to use some of the services on our website and online store. At the same time, Fyer Ltd confirms that cookies do not contain or transfer sensitive personal information. The only information that is retained is the customer code which is kept in the online store so that it can automatically recognize you on future visits.
As per Article 7 and in accordance with Council Directive 93/13/EEC (10) a declaration of consent pre-formulated by the controller should be provided in an intelligible and easily accessible form, using clear and plain language. We hereby provide a list of additional requirements that need to be complied with:
Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data
Data Retention:
According to Article 5(1)(e) on Principles relating to processing of personal data, personal data should not be retained longer than necessary for the purposes for which it was collected.
This means you need to establish specific retention periods based on the purpose of data collection and processing.
According to Article 5(1)(b) on Principles relating to processing of personal data, Personal data should only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Once the purpose is fulfilled, the data should be deleted or anonymized. Only collect and retain data that is relevant and necessary for the intended purpose
The GDPR does not state a specific retention period for different types of data; instead, it leaves this decision to the data controller, based on the purpose for which the data is collected. However, the regulation requires that the retention period be justifiable and reasonable, considering the context in which the data is being processed.
According to Article 13, please note the controller shall, at the time when personal data are obtained, provide the data subject with the necessary information to ensure fair and transparent processing, inter alia, the following points:
- the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
- the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
- where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
- the right to lodge a complaint with a supervisory authority.
Under GDPR, individuals (“data subjects”), have a variety of rights regarding their personal data. These rights have direct implications for data retention practices. Key rights include:
- Right to rectification: The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her
- Right to erasure (‘right to be forgotten’): The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay
- Right to restriction of processing: the Data subject shall have the right to obtain from the controller restriction of processing under certain circumstances, such as the accuracy of the personal data is contested by the data subject
- Right to data portability: The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
Regarding the requirements of consent, please see above for further information.