We understand that privacy and the security of your personal information is extremely important. Because of that, this policy sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you.
This policy applies to you if you use our products or services in store, over the phone, online or otherwise by using any of our websites or interacting with us on social media (our “Services”). This policy gives effect to our commitment to protect your personal information and has been adopted by our company Subscription Box Ltd., registered under No. 204684672 in the Trade Registry to the Registration Agency in Sofia, Bulgaria.
Who we are?
When we say ‘we’ or ‘us’ in this policy, we’re generally referring to the separate and distinct legal entitiy that owns the brand BeerAddicted (although it does depend on the context):
- Subscription Box Ltd., a company registered under No. 204684672 in the Trade Registry to the Registration Agency in Sofia, Bulgaria).
It also includes any other businesses we might add to this group in the future.
What personal data we collect and why we collect it?
Information that you provide to us such as your name, address, date of birth, telephone number, email address, bank account and payment card details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;
Information about the products and/ or services that we provide to you (including for example, the things we have provided to you, when and where, what you paid, the way you use our products and Services, and so on);
Your account login details, including your username and chosen password;
Information about any device you have used to access our website https://beeraddicted.com or some of our services (such as your device’s make and model, browser or IP address) and also how you use our website or services. For example, we try to identify which of our apps you use and when and how you use them. If you use our websites, we try to identify when and how you use those websites too;
Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication. We want to make sure that our communications are useful for you, so if you don’t open them or don’t click on any links in them, we know we need to improve our services; and
Information from other sources such as our retail partners, specialist companies that provide customer information, social media providers as well as information that is publicly available.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
How do we use your information?
The information we collect may be used to:
- Make available our products or services to you;
- Process your orders;
- Take payment from you or give you a refund;
- Personalize your shopping experience, for example by understanding your location or how you use our apps and websites to provide you with personalized offers or shopping ideas;
- Give you loyalty points (if applicable and appropriate);
- Help us ensure that our customers are genuine and to prevent fraud;
- Conduct market research, either ourselves or with reputable agencies;
- For statistical analysis;
- Help us understand more about you as a customer, the products and services you consume, the manner in which you consume them and how you shop across the website, so we can serve you better;
- Find ways to improve our products, services and websites;
- Contact you about products and services from us and other companies;
- Provide you with online advertising;
- Provide for the safety and security of our colleagues and customers; and
- Help answer your questions and solve any issues you have.
Who we share your data with?
Our service providers
We work with partners, suppliers, insurers and agencies so they can process your personal information on our behalf, but only where they meet our standards on the processing of data and security! We only share information that allows them to provide their services to us or to facilitate them providing their services to you.
For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive marketing from us, you might see online advertising that we have placed on the web sites you visit, or the interactive services you use.
Or if you hold a credit card with us, we will share transaction details with our scheme providers (e.g. Visa or MasterCard) and payment processors.
Our retail partners
We might share your personal information with retail partners we do business with. This is so they can give or send to you their products or services, whenever applicable. For example, if sometimes you order a product from our website that is not in our warehouse, or a service provided by third parties, we pass on relevant information to our retail partner so they can send you what you have ordered or serve you – if we didn’t do that we couldn’t give our customers additional products and /or services.
Other organisations and individuals:
We may transfer your personal information to other organisations in certain scenarios. For example:
- If we’re discussing selling or transferring part or all of a business, we may share information about you to prospective purchasers – but only so they can evaluate that business;
- If we are reorganised or sold to another organisation, we may transfer information we hold about you to them so they can continue to provide the services to you;
- If required to by law, under any code of practice by which we are bound or we are asked to do so by a public or regulatory authority such as the Police or the National Revenue Agency etc.;
- If we need to do so in order to exercise or protect our legal rights, users, systems and services; or
- In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.
International transfers of your information
Keeping you informed about our products and services
We would like to tell you about the great offers, ideas, products and services of the BeerAddicted website from time to time that we think you might be interested in. Where you have consented to us doing so, we may do this through the post, by email, text message, online, using social media, push notifications via apps, or by any other electronic means.
We won’t send you marketing messages if you tell us not to but we might still need to send you occasional service-related messages. If you wish to amend your marketing preferences, you can do so by sending us an email to email@example.com.
How long we retain your data?
We will retain a record of your personal information. This is done in order to provide you with a high quality and consistent service across our group. We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary.
What rights you have over your data?
Right to access and correction of your personal information
You have access to your personal data processed for the purposes outlined above. If we process this data and receive a request from you (or from a third party authorized by you), we will provide this access for free. You may also request a copy of your personal data we process.
Before we provide access to your personal data to you or to a person authorized by you, we may request proof of identity and details of your relationship with us or our partners so we can find the data that relates to you.
If any personal data we store and process for you is inaccurate or obsolete, you are entitled to ask us to correct them, including by adding a statement.
Right to delete your personal data
You may request to delete your personal details without undue delay if:
- personal data are no longer needed for the purposes for which they were collected;
- when you have withdrawn your consent;
- when you have objected to the treatment if it is unlawful;
- when personal data must be deleted to comply with a legal obligation under Union law or the law of a Member State that applies to us as a data controller;
- when personal data has been gathered in connection with the provision of information society services.
Under certain conditions, we may refuse to delete your personal information in the cases provided for by law.
Right to data portability and right of appeal
You may obtain the data we process for you in a structured, widely used and machine readable format to transfer your data to another Controller.
You have the right to file a complaint with the local regulator, the Bulgarian Personal Data Protection Commission (CPDP) or the court if you think your rights are being violated. For this purpose, you can visit the CPDP website at https://www.cpdp.bg/, where you will learn more.
Right of withdrawal of consent
You have the right to withdraw your consent to the processing of your personal data on our behalf at any time by submitting a request to us:
- by sending us a unsubscribe email at firstname.lastname@example.org
- by sending us a written application via mail at: Bulgaria, 1335 Sofia, 25, Petar Dertliev Blvd., Fl. 2, for BeerAddicted
Right of objection
You have the right at any time to submit to us an objection to the processing of your personal data for purposes related to direct marketing, including profiling, in so far as it relates to direct marketing. The objection can be made by phone or by e-mail to the contact details listed above.
Restrict the processing of personal data
You have the right to request that we limit the processing of your personal data when you believe your personal data is inaccurate, the processing of your personal data is improper, we do not need your personal data for processing purposes, or you have objected to the processing of your personal data. In this case, personal data will only be stored but not processed.
The right not to be subject to an automated solution involving profiling
You have the right not to be subject to a fully automated solution, including profiling, when it generates legal issues for you or affects you considerably.
If you would like to exercise any of the rights described here, please contact us as explained above.
We take security measures to protect your information including:
- limiting access to our buildings to those that we believe are entitled to be there (by use of passes, key card access and other related technologies);
- implementing access controls to our information technology, such as firewalls, ID verification and logical segmentation and/ or physical separation of our systems and information;
- never asking you for your passwords;
- advising you never to enter your account number or password into an email or after following a link from an email.
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:
By email: email@example.com
By post: Data Protection Officer, Bulgaria, 1335 Sofia, 25 D-r Petar Dertliev Blvd., fl. 2, for BeerAddicted
You also have the right to lodge a complaint with your local Personal Data regulator. Go to https://ec.europa.eu/info/law/law-topic/data-protection_en to find out more.