Official Drawing Rules
Collection of personal data
- You create an account on our website;
- You make a purchase on our website;
- You want to receive our newsletters and promotional offers;
- You contact us to become a PartyLite consultant;
- You contact us to become a PartyLite host and organize a party;
- As part of your browsing on our website;
- You need to contact us via our website for any reason relating to our products and services.
We will collect your personal data provided to us directly (e.g. when you contact us via our website, or the website operated for one of our consultants who are acting as our data processor when you make a purchase, etc.), or when browsing our website (e.g. using cookies to understand how you use our website).
We collect in particular the following personal data: your name, address, telephone number, e-mail address and transaction information. Please do not provide us, in particular via the open fields in our website, sensitive information (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation).
When we collect data through forms including electronic forms, we will indicate the mandatory fields via asterisks. Failure to provide the data marked with an asterisk could prevent you from accessing to a product or a service.
Purposes of the personal data processing
When you access our website we automatically collect the IP-address, type und version of your internet browsers, the operating system of the device you use, the website you retrieve, the previous website you retrieve the date and time of the retrieval for technical reasons, i.e. to make the website available to you and to debug the website and respective webserver in case of failures (in such cases, the legal basis of the data processing is our legitimate interest in making the website available to you and to ensure proper operation of our webservers (Art. 6 para. 1 lit. f) GDPR).
Personal data collected through your account, during a purchase and/or via PartyLite’s website will primarily be used to process your order/purchase, to provide you with the delivery services and to process warranty service (in such cases, the legal basis of the data processing is the performance of the contract between you and PartyLite; Art. 6 para. 1 lit. b) GDPR).
Personal data collected by PartyLite will also be used for the purpose of allowing PartyLite to contact you at your request if you would like to become a PartyLite consultant or a PartyLite host, to send you the adequate information regarding these activities and to allow you to become a consultant or a host and assist you in your missions (in such cases the legal basis of the data processing is either our legitimate interest (Art. 6 para. 1 lit. f) GDPR) when the data is not processed in the context of a contract, more specifically our business interest to find new consultants and hosts and to assist them in their PartyLite activities, or the performance of a contract (in particular for data collected under the consultant contract), Art. 6 para. 1 lit. b) GDPR).
PartyLite may also use your personal data, with your prior consent, to keep you informed of developments and offers relating to PartyLite, or our products and services (in such cases, the legal basis of the data processing is your consent, Art. 6 para. 1 lit. a) GDPR).
We also collect your personal data when you contact us/ask questions relating to our products and services (in this case the legal basis of the data processing is the performance of a contract or if no agreement was entered into yet to take steps at your request prior to entering into a contract (Art. 6 para. 1 lit. b) GDPR).
Data collected by cookies or similar technologies as part of your browsing on PartyLite’s website are processed to tailor our services for you, to allow proper functioning of our website, to ensure the website is secure and safe and to run statistics (please see below for more information regarding the website’s cookies) (the legal basis of the data processing in this case is (i) our legitimate interest (Art. 6 para. 1 lit. f) GDPR), more specifically our interest to ensure we are providing you with website and communications that are working properly, are safe and secure and are continually improving and to develop our business and/or (ii) your consent (Art. 6 para. 1 lit. a) GDPR) for cookies that are not necessary for the functioning of our website).
Disclosure of the personal data collected
Some of your personal data may be accessed:
– By other entities of the Group PartyLite (including by its employees and executives).
- This will only be done on a need-to-know basis and where necessary to provide you with the products and services you have asked for, or in the context of a contract between you and PartyLite (e.g. by the entity of the Group PartyLite operating our warehouse, hosting our website and other infrastructure or providing call centre services). In these cases legal basis is the performance of the contract with you or processing to take steps at your request prior to entering into a contract (Art. 6 para. 1 lit. b) GDPR) and to pursue our legitimate interest in reducing costs by using shared services within the Group PartyLite.
- This may further be done with your consent for marketing purpose (in which case the legal basis would be your consent, Art. 6 para. 1 lit. a) GDPR), or when necessary to achieve the purposes listed above.
- We only provide them with the information they need to perform such services, and we require that they do not use your personal data for any other purpose. These service providers will only act upon PartyLite’ instructions and will be contractually bound to ensure a level of security and confidentiality for your personal data that is the same as the one PartyLite is bound to ensure and to comply with applicable personal data protection laws and regulations.
- For instance, we use service providers for the organization of customer care, implementation of promotions, further development of our internet offer, communication and contact with our customers, organization of events/parties, etc. We also use providers for credit card processing/payment and for IT services (hosting services, database maintenance, etc.).
– Besides, PartyLite may share your personal data with third parties:
- In the event of a merger or sale of the company’s assets (in such case your personal data will be disclosed to the prospective buyer) – in this case the legal basis of the data processing is the pursuance of legitimate interests of our shareholders in selling their shares or our interest in selling our assets -; or
- To comply with a legal obligation or to respond to legal proceedings of any nature, Court orders, any legal action or implementing enforcement measures that are required by the competent authorities – in this case legal basis of the data processing is the compliance with legal obligations we are subject to – (Art. 6 para 1 lit. c) GDPR); or
Links to other websites
Since the Group PartyLite has entities all over the world and since some of our service providers providing hosting and other infrastructure related services are located abroad, the data that we collect from you will be transferred from a country located within the European Union (“EU”) to a country located outside of the EU (in particular to the US).
Where PartyLite transfers personal data outside of the EU, this will always be done in a secure and lawful way:
- Either by transferring personal data to a data recipient in the USA that is Privacy Shield certified, such mechanism being considered as ensuring an adequate level of protection for your data by an adequacy decision of the European Commission (to learn more about the Privacy Shield Policy, please click here. If you would like to inform or complain about our handling of your data under the Privacy Shield, please send us an email firstname.lastname@example.org. We will answer your request as soon as possible. If we cannot remedy your complaint, you can contact the Privacy Shield Panel for a binding arbitration. To find out more about the Privacy Shield Panel, please click here). If we disclose personal data received under the Privacy Shield to third parties, the access, use and disclosure of the personal data by the third parties must comply with our obligations under the Privacy Shield, and we are held under the Privacy Shield for non-compliance by the Privacy Shield third parties, unless we are not responsible for the event that caused harm.
- Or by executing the European Standard Contractual Clauses (signed between PartyLite and its subsidiaries or between PartyLite and its service providers) which have been approved by the European Commission as providing an adequate level of protection for your personal data. Such Standard Contractual Clauses are available at email@example.com.
All personal data that you have specified during the shopping process will be transmitted to us only encrypted from your computer. We use the proven encryption system SSL (Secure Socket Layer). This widespread system for protection of online purchases guarantees the highest possible security not only of your order data, but also, for example, the account or credit card number used.
PartyLite uses reasonable technical and organizational measures to protect and safeguard the order and business information from loss, misuse, and unauthorized access, disclosure, alteration, unauthorized transmission, and destruction.
Procedures for the regular review and evaluation of the effectiveness of technical and organizational measures have been established.
Not all personal data collected on this website will be saved. All personal data that is stored is encrypted, and all systems connected to the Internet are equipped with firewalls and are regularly monitored to ensure a high level of security. We store your personal data in our data center in New Jersey and Massachusetts, USA and at Amazon web services (as indicated above, such transfers of personal data will always be done in a secure and lawful way).
We ensure the security of your personal data in all our branches. If you have concerns about the use of your information or want to be deleted from our email list, please contact us.
Data retention period
We will keep your personal data only as long as necessary for the purposes of the processing for which it was collected (typically the length of the contract). We may, however, keep your data for a longer period of time in application of specific legal or regulatory provisions and/or to comply with applicable statute of limitations periods. In case of longer data retention for other reasons, we will inform you of such reasons and of the applicable retention period upon collecting your personal data.
To determine the data retention period of your personal data, we use in particular the following criteria:
- Data in connection with the administration of your account is retained as long as you use such account/keep it activated and for the applicable statute of limitation periods;
- Data in connection with the processing of your transactions is retained during the period of your transaction, and in accordance with applicable legal requirements and statute of limitation periods;
- When you have consented to receive commercial solicitations, PartyLite will retain your personal data until you let it know that you no longer wish to receive such solicitations or after a period of inactivity defined in accordance with applicable legislation ;
- When your data is collected in the context of queries or questions concerning PartyLite products and services, and when you contact us to become a host or a consultant, PartyLite will retain your data for the time necessary to process such queries;
- When cookies are placed on your terminal, the cookie data is retained in accordance with the legal requirements and recommendations issued by the authorities (that is to say, 13 months in for cookies that are not essential for the site’s operation or such earlier date on which you have revoked your consent – see below).
- A right of access and information: you have the right to be informed in a concise, transparent, intelligible and easily accessible form of the way in which your personal data is processed. You also have the right to obtain (i) confirmation as to whether or not personal data concerning you are being processed, and, where that is the case (ii) to access such personal data and obtain a copy thereof.
- A right to rectification: you have the right to obtain the rectification of inaccurate your personal data. You also have the right to have incomplete personal data completed, including by means of supplying a supplementary statement.
- A right to erasure (‘right to be forgotten’): in some cases, you have the right to obtain the erasure of your personal data. However, this is not an absolute right and PartyLite may have legal or legitimate grounds for keeping such personal data.
- A right to restriction of processing: in some cases, you have the right to obtain restriction of the processing of your personal data.
- A right to data portability: you have the right to receive your personal data which you have provided to PartyLite, in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from PartyLite. This right only applies when the processing of your personal data is based on your consent or on a contract and such processing is carried out by automated means.
- A right to object to processing: you have the right to object, on grounds relating to your particular situation, to processing of your personal data when such processing is based on the legitimate interest (Art. 6 para. 1 lit. f) GDPR) of PartyLite. PartyLite may, however, invoke compelling legitimate grounds for continued processing. You also have the right to object at any time to processing of your personal data for direct marketing purposes.
- The right to file a complaint with the supervisory authority: you have the right to contact your Data Protection Authority to complain about PartyLite’ personal data protection practices. You have the right to make a complaint regarding our handling of your personal data to the data supervisory authority. In the UK, this is the UK Information Commissioner’s Office at https://ico.org.uk
- The right to give instructions concerning the use of your data after your death: you have the right to give PartyLite instructions concerning the use of your personal data after your death.
- The right to register on an opposition list/do not call registry regarding direct marketing performed by direct calls.
- The right to revoke consent: you have the right to revoke a consent to the processing of personal data you have given to Partylite at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
A “cookie” is a file that is stored on your hard drive containing information about you. PartyLite may set cookies on your hard drive to assist you in navigating the PartyLite website.
Most Internet browsers delete cookies from your computer’s hard drive, prevent cookies from being stored, or give a warning before storing a cookie, so please read your browser’s instructions or use the help function for further instructions. The following links show you how to adjust browser configuration in the most popular browsers:
For Microsoft Internet Explorer version 11:
- – Settings
- – Internet Options
- – History
- – Select
- – Block cookies
- – Settings
- – Show advanced settings
- – Privacy
- – Cookies
- – Block cookies
- – Tools
- – Options
- – Privacy
- – Block cookies
- – Preferences
- – Privacy
- – Block cookies
- – Preferences
- – Advanced settings
- – Cookies
- – Block cookies
Please find below information regarding the cookies used in our website
As the IP anonymisation is activated on this website, the IP address will be shortened prior to transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. The anonymized IP address provided by Google Analytics within the scope of Google Analytics will not be merged with other data provided by Google.
You can prevent the storage of cookies by setting their browser software accordingly. In addition, Google may also prevent the collection of data generated by the cookie and its use of the online offer as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout.
As an alternative to the browser plug-in, you can click on this link to prevent the collection by Google Analytics on this website in the future. An opt-out cookie is stored on your device. If you delete your cookies, you must click the link again.
Our website includes plug-ins from Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (Facebook). They are indicated by the Facebook logo or the note “Like”.
The Facebook plug-ins lead to information about your visit being forwarded to Facebook and, if necessary, saved there if you have a Facebook account and are logged in with your Facebook account while visiting our website. In the logged-in state, it is possible to assign the data to the Facebook profile.
Otherwise, the Facebook plug-in will forward to Facebook the information that you have visited the website provided with a Facebook plug-in. Through interaction with a Facebook plug-in, e.g. by clicking on the “Like” button, this information and any other information that you have entered in this context will also be saved there.
We use the tool “Facebook Website Custom Audiences”. By means of a pixel integrated on this website, we mark you as a User of our website. For this purpose, no personal data will be collected or used by you. Facebook can recognize you by using this pixel when visiting the Facebook website. Information about your visit to our website is forwarded to Facebook without any personal reference for analysis and marketing purposes. The information transmitted to Facebook is a non-reversible and non-personal checksum, which is based on your usage data. There is no transmission of further or other data under this technology.
About the handling of the data by Facebook you can u.A. here to inform and also make settings: https://www.facebook.com/ads/website_custom_audiences/, or https://www.facebook.com/about/ads or here https://www.facebook.com/privacy/explanation. If you wish to oppose the use of Facebook Website Custom Audiences, you can do so by clicking on the following link: https://www.facebook.com/ads/website_custom_audiences/
E-mail and newsletter
As explained briefly above, we use your e-mail address, which you have given us in the ordering process, for sending the order confirmation as well as other important customer information necessary for the product order, processing and delivery in our system in connection with your product order.
When visiting our websites, we may use information about your activities on our websites (surfing behavior, viewed products, shopping carts) to create a pseudonymised usage profile. We would like to use this information to send you targeted, tailored to your needs mailings.
When you sign up for our newsletters or for being contacted for our events/parties, you agree that we use the aforementioned information and your order history to send you customized mailings and marketing messages or to ask you about your satisfaction with the products you have purchased or to invite you to PartyLite events/parties. Legal basis of the processing is consent (Art. 6 para. 1 lit. a) GDPR) and your data will be used solely for the purposes you consented to and will not be shared with third parties. You may revoke your consent at any time with future effect – i.e. without affecting the lawfulness of processing based on consent before its withdrawal – without incurring any costs other than the base rate transmission costs. To do this, either click on the unsubscribe link in the newsletter or send written request to:
PartyLite, Inc., 600 Cordwainer Dr, Norwell, MA 02061.
via E-mail: firstname.lastname@example.org
Please understand that we can only respond to requests for information or inquiries about your personal data if we can ensure that you are actually the sender (in some cases we may ask you to provide us with your ID). Please make your request always in writing by mail or e-mail.