Our Privacy Policy (US)

At NCBA Inc., we are committed to protecting our customers’ privacy. This Privacy Policy explains in detail how and why we collect and use the personal data which you provide to us or which we collect about you when you interact with us, for example, when you use our website or visit our store. 

We want you to be fully informed about how we use your data, how we keep it secure and your rights. We trust this Privacy Policy will answer any questions that you may have, but if not, please do get in touch with us directly at [email protected].    

WHO WE ARE 

This Privacy Policy is provided by NCBA, Inc. (referred to as “we”, “us” or “our” in this Privacy Policy). We are the data controller of any personal data we collect about you in the UK, and we are responsible for the Code8 website (www.us.codeeight.com) and any orders placed by customers on the website or in our UK free-standing boutique. 

WHAT IS PERSONAL DATA?

"Personal data" means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymised data, such as a unique ID number). This means that personal data includes things like email/home addresses, usernames, profile pictures, personal preferences and shopping habits, user generated content, financial information, and health information. It could also include unique numerical identifiers like your computer's IP address or your mobile device's MAC address, as well as cookies. This privacy policy covers all personal data about you that is collected and used by NCBA Inc.

WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND HOW DO WE USE IT? 

We collect personal data from you when you provide it to us directly and through your use of the Site. This information may include:

The information you provide to us when you use our Site (e.g. your name, contact details, gender, product reviews, and any information which you add to your account profile),

Transaction and billing information, if you make any purchases from us or using our Site (e.g. credit/debit card details and delivery information),
Records of your interactions with us (e.g. if you contact our customer service team, interact with us on social media),
The information you provide us when you enter a competition or participate in a survey,

Information collected automatically, using cookies and other tracking technologies (e.g. which pages you viewed and whether you clicked on a link in one of our email updates).
We may also collect information about the device you use to access our Site, and other information necessary to provide the Site, for example, we may access your location if you give us your consent.

If you also shop in one of our stores, we may combine information you give us in-store (e.g. if you make a purchase or join our mailing list in-store) with the information above.

HOW DO WE COLLECT YOUR DATA? 

We might collect or receive your personal data from you via our websites, forms, apps, devices, or brand pages on social media or otherwise. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our website or stores) or sometimes we collect it (e.g. using cookies to understand how you use our websites and apps). 

In the table below, we explain: 

  1. In what context is your personal data collected? 
  2. What personal data may we hold about you? 
  3. How and why we use it 
  4. What is our legal basis for using your personal data? 

If you do not provide the personal data marked with an asterisk, this may affect the goods and servies that we can provide. 

In which context is your personal data collected?

What personal data may we hold about you?

How and why may we use it?

What is our legal basis for processing your personal data?

Account Creation and Management

Where your personal data are collected during the creation or management of an account on NCBA, Inc.websites/apps, through a social media login or in store.

First name and surname;


Gender;


Email address;


Address;


Phone number;


Photo;


Birthday or age range;


ID/username, and password;


Personal description or preferences;


Order details;


Social media profile (where you use your social media login or share this personal data with us);


User generated content; and/or


Other information you have shared with us about yourself (e.g. via your “My Account” page, by contacting us, a question via the chat function available on some websites, or by participating in a contest, game, survey etc.).

To:


Manage your orders;


Send you marketing communications (where you have asked us to) which may be tailored to your “profile” (i.e. based on the personal data we know about you and your preferences);


Offer and manage a loyalty program;


Offer personalised services based on your characteristics;


Allow you to manage your preferences;


Monitor and improve our websites and apps;


Run analytics or collect statistics;


Secure our websites and protect you and us against fraud;


Respond to your questions and otherwise interact with you; and/or


Manage any competitions, promotions, surveys or contests you enter.

The performance of a contract – so you can create and manage your account;


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; (iii) prevent fraud or criminal activity; and (iv) secure our tools; and


Consent – so you can receive marketing communications from us.

Newsletter and marketing subscriptions

Where your personal data are collected when you subscribe to receive our marketing communications.

First name and surname;


Email address;


Gender;


Address;


Phone number;


Birthday or age range


ID/username, and password;


Personal description or preferences;


Order details;


Social media profile (where you use your social media login or share this personal data with us);


User generated content; and/or


Other information you have shared with us about yourself (e.g. via your “My Account” page, by contacting us, a question via the chat function available on some websites, or by participating in a contest, game, survey etc.).

To :


Send you marketing communications (where you have asked us to) which may be tailored to your “profile” based on the personal data we know or learn about you and your preferences;


Show you marketing communications on other websites, including social media platforms. Note that you may also see our ads on other websites, including on social media sites, but these may not be tailored to you;


Keep an up to date suppression list if you have asked not to be contacted;


Run analytics or collect statistics; and/or

Consent – so you can receive marketing communications from us; and


Our legitimate interests: (i) to improve our products and services; and (ii) better engage with you.

Purchases and order management

Where your personal data are collected during the purchase process made on NCBA, Inc.websites/apps or in store

First name and surname;


Email address;


Address;


Phone number;


Personal description or preferences;


Social media profile (where you use your social media login or share this personal data with us);


Transaction information including purchased products;


Payment and information; and/or


Purchase history.

To:


Contact you to finalise your order where you have saved your shopping cart or placed products in your cart without completing the checkout process;


Inform you when a product you wanted to purchase is available;


Process your order including delivering the product to the address you indicated;


Manage payment. Please note that your payment information (credit card number/Paypal/bank account details) are not collected by us directly, but by secure payment service providers;


Manage any contact you have with us about your order;


Secure your transactions against fraud. We may use a third party provider’s solution to detect fraud and make sure that payment is completed;


If you place a purchase using a registered account, we will add this transaction to your profile so we can understand your interests and preferences and you will see a record of your transactions with us within your account (where applicable);


Manage any dispute relating to a purchase; and/or


Run analytics or collect statistics.

The performance of a contract – so you can make purchase and we can manage the associated logistics.


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; (iii) prevent fraud or criminal activity; and (iv) secure our tools.


To comply with a legal obligation – to keep information we are required to.

Online browsing

Where your personal data are collected by cookies or similar technologies ("cookies"*) when you browse NCBA, Inc.websites/apps or on third-party websites/apps where we have cookies.


For information on specific cookies placed on a particular website/app, please check the cookies table on the specific website/app.


*Cookies are small text files stored on your device (computer, tablet or mobile) when you are on the Internet, including on NCBA, Inc.websites.

Data related to your use of our websites, including:


Where you came from,


Login details,


Location,


Data related to your navigation on our apps/websites, incl. scroll/mouse movement (but in a manner that does not identify you),


Videos you watched,


Pages/ads/content you looked at, clicked or tapped on,


Duration of your visit, and/or


Products you searched for and/or selected to create your basket.


Technical information:


Your IP address;


Browser information;


Device information; and/or


Your unique ID which is given to each visitor, and the expiration date of the ID.

We use cookies, together with other personal data you have already shared with us (such as previous purchases, or whether you’re signed up to our email newsletters) for the following purposes:


To deliver targeted advertising, that is to show you:


online advertisements for products which may be of interest to you, based on your previous behaviour, and/or


ads and content on social media platforms, such as Facebook, Instagram, TikTok and Pinterest or other websites.


You can opt out of targeted advertising by using the function available on our website (where applicable), or in your browser settings. For opting out of targeted advertising on social media platforms, please visit the relevant social media platform to explore the options they may provide.


To tailor our services for you, that is to:


show you recommendations, marketing, or content based on your profile and interests, and/or


display our websites in a tailored way, for example, show you products we think you might like.


To allow our websites/apps to function properly, that is to:


ensure the proper display of content,


create and remember your shopping cart,


create and remember your account login details,


interface personalisation, such as language, or any user-interface customisation (i.e. parameters attached to your device including your screen resolution or font preference), etc.,


perform troubleshooting, and/or


improve user experience and our websites/apps, for example, by testing new ideas or layouts.


Please note that we only track your navigation on the website/app (e.g., mouse movements) to ensure our websites/apps function properly, for troubleshooting, and to improve user experience, as explained above. We do so in a way that does not identify you to ensure that the personal data provided on the website/app is always masked and never recorded.


To ensure our websites/apps are secure and safe, and to protect you against fraud or misuse of our websites/apps or services.


To run statistics, that is to:


avoid visitors being recorded twice,


know users’ reaction to our advertising campaigns.


improve our offers, and/or


understand how you discovered our websites/apps.


To allow sharing of our content on social media platforms.

Consent – to store cookies on your device.


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; and (iii secure our tools.

Social Media Platforms

Where your personal data are collected from your activity on social media platforms.


For more information on how your personal data may be shared with Facebook and Google, please see the respective sections under “We may disclose your personal data to our partners” below.

We may get information you publicly post on social media platforms and use it to better understand how consumers view our products/services and interact with us. For example, we may use public posts to identify beauty trends. Where possible, we do this in way that we are unable to directly identify you.


We may also collect your personal data when you mention us on social media platforms. The personal data we collect may include:


Social media handle,


Photo, and/or


Any comments mentioned in your post.


If we want to re-use any content you post on social media platforms, we will always ask your permission first (see ‘User Generated Content’ below).

To


Monitor and improve our websites and apps; and/or


Run analytics or collect statistics.

Our legitimate interests: (i) to improve our products and services; and (ii) better engage with you.

Promotions

Where your personal data are collected during a competition, game, contest, promotional offer, sample request, survey, etc.

First name and surname,


Email address,


Phone number,


Birth day or age range,


Gender,


Mailing Address,


Personal description or preferences,


Social media profile (where you use your social media login or share this personal data with us), and/or


User generated content,


Other information you have shared with us about yourself (e.g. via your “My Account” page, by contacting us, a question via the chat function available on some websites, or by participating in a contest, game, survey etc.).

To:


Complete tasks that you have asked us to, for example, to manage your participation in the promotion, including to take into account your feedback and suggestions,


Run analytics and statistics.

The performance of a contract – so you may entered into the promotion/we can deliver the prize).


Our legitimate interests: (i) to improve our products and services; and (ii) better engage with you.

User Generated Content

Where your personal data are collected when you submit content (for example images or ratings and reviews) on one of our websites/apps/social media platforms or accept our re-use of any content you posted on social media platforms.

First name and surname or alias;


Email address;


Photo;


Personal description or preferences;


Social media profile (where you use your social media login or share this personal data with us); and/or


Other information you have shared with us about yourself (e.g. via your “My Account” page, by contacting us, or by providing your own content such as photos or a review, or a question via the chat function available on some websites).

To:


Use the content you have created and/or shared in accordance with the specific terms and conditions accepted by you e.g. to post your review/content and to promote our products;


Run analytics and statistics; and/or


Add your content to your profile so we can understand your interests and preferences.

Consent – to provide you with the service you have requested, for example, so you can upload the content of your choice.


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; and (iii) secure our tools and design new features.

Use of websites/apps and devices

Where your personal data are collected as part of your use of our websites/apps and/or devices (for example when you provide your personal data when completing online forms or trying on our products virtually via our apps).

First name and surname;


Gender;


Email address;


Photo;


Location;


Birth day and/or age range;


Personal description or preferences, including characteristics such as skin tone, skin/hair type (e.g. your beauty profile); and/or


Application or device usage data.

To:


Provide you with the service(s) you requested (e.g. enable you to purchase our products),


Analyse your personal characteristics and recommend appropriate products (including bespoke products) and routines,


Monitor and improve our apps and devices, and/or


Run analytics and statistics.

Consent – to provide you with the service you have requested, for example, show you recommended products or complete your purchase.


The performance of a contract – to deliver the service you have requested e.g. to enable you to try on products virtually.


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; and (iii) secure our tools.

Enquiries

Where your personal data are collected when you ask questions relating to our brands, our products and their use, or your purchases, account or rights.

First name and surname;


Phone number;


Email address;


Other information you have shared with us about yourself in relation to your enquiry (which may include welfare, health data and call recordings).

To:


Answer and manage your enquiries, and/or


Run analytics and statistics.

The performance of a contract – to respond to your enquiries.


Our legitimate interests: (i) to improve our products and services; (ii) better engage with you; and (iii) secure our tools.

Our premises

Where your personal data are collected when you visit our premises (e.g. our Burlington Arcade Flagship store or any other popup locations)

Photo/Video captured via CCTV; and


Attendance/visitor forms (which may include the collection of welfare and health data).

To:


Assist in the prevention and detection of crime and manage enquiries; and/or


Help ensure the health, safety and security of employees and visitors, information located or stored within the premises, and assets.

Our legitimate interests: (i) prevent fraud and criminal activity; and (ii) secure our tools.


To comply with legal obligation – to meet health and safety requirements.



HOW WILL WE USE YOUR DATA? 

Depending on how you use our Site, your interactions with us, and the permissions you give us, the purposes for which we use your personal data include:

To fulfil your order and maintain your online account.

To manage and respond to any queries or complaints to our customer service team.

To personalize the Site to you and show you content we think you will be most interested in, based on your account information, your purchase history and your browsing activity.

To improve and maintain the Site, and monitor its usage.

For market research, e.g. we may contact you for feedback about our products.

To send you marketing messages and show you targeted advertising, where we have your consent or are otherwise permitted to do so.

For security purposes, to investigate fraud and where necessary to protect ourselves and third parties.

To comply with our legal and regulatory obligations.

We rely on the following legal basis, under data protection law, to process your personal data:

Because the processing is necessary to perform a contract with you, or take steps prior to entering into a contract with you (e.g. where you have made a purchase with us, we use your personal data to process the payment and fulfil your order).

Because we have obtained your consent (e.g. where you contact us with a query, where you add optional information to your account profile, or if you consent to receive marketing from us).

Because it is in our legitimate interests as an e-commerce provider to maintain and promote our services. We are always seeking to understand more about our customers in order to offer the best products and customer experience. We use information about you to tailor your view of the Site, to make it more interesting and relevant in respect of the products and offers on view. 

Our Site may allow you the option of adding additional information to your account profile, such as information about your body type, skin type, hair type, hair condition, training regime, performance goals, height and weight. We treat this information with particular sensitivity, as we understand it can reveal information about your health or ethnicity, for example. You do not have to provide this information to us, and can delete it or update it at any time.

AUTOMATED DECISION MAKING 

We may use profiling, which is a type of automated decision making, to analyse our customers’ purchase history and activity. This may be, for example, to create a list of customers that are eligible for a loyalty programme, based on their purchases and amounts they have spent, or to identify the types of advertising or marketing you might be interested in. You have the right to request that we don’t use your personal data in this way by contacting us in the ways set out at the bottom of this privacy policy. 

SHARING YOUR DATA

We may share your data with trusted third parties to allow us to provide our services to you. When we do share your data with these third parties we only provide the information they need to perform the service. We have written contracts in place with them to ensure they only use your data for the purpose we specify to them and that your privacy is secure and respected. 

These trusted third parties include the following: 

DESCRIPTION

EXAMPLES

Companies that help us fulfil your orders and, where required, get your purchases to you, such as delivery couriers and payment providers

Royal Mail, DPD, Stripe, PayPal 

Professional service providers such as website hosting providers, system providers, website and social media analytics providers, advertisers and appointment booking providers, who help us run our business

Acuity, Google Analytics, Magento 

Social Media or Web platforms to show you products that might interest you while you’re browsing the internet

Facebook, Instagram, YouTube

Credit reference agencies, law enforcement and fraud prevention agencies, so that we can help tackle fraud

Stripe, PayPal 

We may be required to share your personal data with the police, administrative authorities (such as HMRC) or other enforcement, regulatory or Government bodies, where we are legally obliged to do so.

We will only share your personal data with third parties for them to use for their own direct marketing purposes when you have given your consent for us to do so.  

MARKETING
We love to communicate with our customers and so, depending on your marketing preferences, we may use your personal data to send you marketing messages by email, phone or post. Some of these messages may be tailored to you, based on your previous browsing or purchase activity, and other information we hold about you.

If you no longer want to receive marketing communications from us (or would like to opt back in!), you can change your preferences at any time by contacting us (details below), clicking on the ‘unsubscribe’ link in any email, or updating your settings in your account. If you unsubscribe from marketing, please note we may still contact you with service messages from time to time (e.g. order and delivery confirmations, and information about your legal rights).

You may also see ads for our Site on third party websites, including on social media. These ads may be tailored to you using cookies (which track your web activity, so enable us to serve ads to customers who have visited our Site). Where you see an ad on social media, this may because we have engaged the social network to show ads to our customers, or users who match the demographic profile of our customers. In some cases, this may involve sharing your email address with the social network. If you no longer want to see tailored ads you can change your cookie and privacy settings on your browser and these third party websites. 

WHAT ARE YOUR DATA PROTECTION RIGHTS?
We would like to make sure that you are fully aware of all of your data protection rights. Every user is entitled to the following: 

The Right to Access: You have the right to request copies of your personal data from NCBA, Inc.We may charge you a small fee for this service. 

The Right to Rectification: You have the right to request that NCBA, Inc.correct any information that you believe is inaccurate. You also have the right to request that NCBA, Inc.complete any information that you believe is incomplete.

The Right to Erasure: You have the right to request that NCBA, Inc.erase your personal data, under certain conditions. 

The Right to Restrict Processing: You have the right to object to NCBA Inc.'s processing of your personal data, under certain conditions. 

The Right to Data Portability: You have the right to request that NCBA, Inc.transfer the data that we have collected to another organisation, or directly to you, under certain conditions. 

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: [email protected] 

Call us at: +1 (877) 547-5656 

Or write us: NCBA Inc., PO Box 600, 1 Corporate Drive, Grantsville, MD 21536

WHAT ARE COOKIES?
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology. 

For further information, visit www.allaboutcookies.org 

HOW DO WE USE COOKIES?
We use Cookies for the following purposes:

To improve the performance of our websites by understanding which parts work well, and which don't.

To deliver relevant online advertising to you both on our websites and elsewhere. This is sometimes done by combining data that we already have about you with the data collected through Cookies. These Cookies are placed by us and selected third parties and enable adverts to be presented to you on our and third party websites.

To measure how effective our online advertising and marketing communications are.

To enable us to collect information about how you and other people use our websites.

To improve your experience on our websites, for example we use Cookies to remember the products you’ve put in your basket and to personalise your experience.

WHAT TYPES OF COOKIES DO WE USE?
We use the following Cookies:

Strictly Necessary Cookies: These are Cookies that are required for the operation of our website. They are necessary for the safety, security and integrity of the site. For example they help support the structure of the pages that are displayed to you, help to improve navigation and allow you to return to pages you have previously visited. This type of Cookie only lasts for the duration of the time you are visiting the website. When you leave the website they are deleted automatically.

Performance Cookies or Analytical Cookies: These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. The data is aggregated and anonymised, which means we cannot identify you as an individual.

Functionality Cookies: These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region). These Cookies will remain on your device until you choose to clear it. If you choose to do this, you will need to enter your details each time you visit the site.

Targeting Cookies: These Cookies will collect information about your browsing habits and allow us to show you adverts while you are browsing our site and other sites on the internet. They are set by us or by carefully selected third parties. They help us to understand the performance of our marketing activities and improve the relevance of the adverts that you see.

HOW TO MANAGE YOUR COOKIES
You can stop Cookies being used on your device by activating the setting on your browser that allows you to block the deployment of all or some Cookies. Please visitwww.allaboutcookies.org to find out how. Please note, if you use your browser settings to block Cookies you may not be able to access all or parts of our site.

PRIVACY POLICIES OF OTHER WEBSITES
The NCBA, Inc.website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy. 

CHANGES TO OUR PRIVACY POLICY
NCBA, Inc.keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 27th October, 2021. 

HOW TO CONTACT US
If you have any questions about NCBA Inc.'s privacy policy, the data that we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us. 

Email us at: [email protected]

Call us: +1 (877) 547-5656

Or write to us at: NCBA Inc., PO Box 600, 1 Corporate Drive, Grantsville, MD 21536