Privacy Policy

Introduction

At Ollie, we take your privacy very seriously. We know that protecting you and your skin is our main mission – and that includes safeguarding your personal data. That’s why we are fully committed to complying with the General Data Protection Regulation (GDPR) of the European Union and other applicable privacy laws. This Privacy Policy explains clearly and transparently how we collect, use, and protect the personal information you provide when you use our website.

By using the functionalities of the Ollie website or interacting with us, you confirm that you have read and agree to the terms of this Privacy Policy. We know that legal texts can be tedious, but we have prepared this document with an accessible and human tone – exactly how we like to communicate at Ollie – so that you can easily understand how we handle your data.

Who We Are and Contact Information

Ollie is a brand dedicated to skin care and sun protection. The European operation of Ollie is managed in compliance with EU data protection laws. For GDPR purposes, Ollie Netherlands B.V. acts as the data controller for personal data collected on this website.

  • Data Controller: Ollie Netherlands B.V.
  • Address: Weerdestein 97, Office 219, 1083GG Amsterdam, Netherlands.
  • Contact Email: contact-europe@olliesuncare.com
  • Phone: +1 (555) 821-5741

If you have any questions about this Privacy Policy or about the use of your personal data, you can contact us at the email address above. We are here to clarify any questions – don’t hesitate to get in touch!

Data We Collect

We only collect the personal data necessary to offer you our products and services effectively and in a personalised manner. The personal data we may collect include:

  • Identification and Contact Data: Name, surname, email address, phone number, address (billing and delivery), and login information (e.g., account details/registration, such as username and password).
  • Transaction Data: Payment details (e.g., payment method; credit card information, limited to the last four digits, as we use secure payment partners; IBAN or other data for payment processing) and purchase/order history made on our website.
  • Preference and Interaction Data: Information you provide voluntarily, such as product preferences, survey or satisfaction study responses, product comments or reviews, and communications sent to our support or customer service team.
  • Navigation and Device Data: IP address, browser type and version, operating system, preferred language, access times, and clicked URLs. We also collect information through cookies and similar technologies about how you interact with our website – for example, which pages you visited, how long you navigated, products viewed or added to the cart, etc. This usage information helps us better understand user interests and improve the experience on the site.
  • Marketing Data: If you have subscribed to our newsletter or given your consent to receive promotional communications, we record that preference along with your email and interaction history (e.g., if you opened or clicked on emails sent).
  • Social Media Data: If you interact with us through messages or mentions on our official social media accounts (Instagram, Facebook, etc.), we may receive some information from your public profile or content that you choose to share voluntarily. Similarly, if you opt to log in to our website using social media credentials (if we offer that functionality), we may receive certain data from your social account, as authorised by you and the platform in question.

Note: We do not intentionally collect sensitive data (such as health information, religious beliefs, genetic/biometric data, etc.) from our customers for the purposes described here. Please avoid providing us with this type of information when using our channels. We also do not target our products or services to children under 16 years old. We do not intentionally collect data from children under 16 without verifiable parental consent. If you are a parent or guardian and believe that a minor under your responsibility has provided us with personal data, please contact us so that we can delete that information.

All personal data is collected in two ways: directly from you (e.g., when you register on the site, make a purchase, or send us a query) or automatically, through your interaction with the site and our communications. Whenever we collect your data, we indicate whether the requested information is mandatory or optional. Please note that if you choose not to provide certain data marked as mandatory (e.g., for delivery), it may not be possible to provide you with the requested service or product.

How We Use Data (Purposes and Legal Bases)

We use your personal data only for legitimate and clear purposes, and always with an appropriate legal basis under the GDPR. Below, we explain how we use your data and the legal basis for each purpose:

Purpose | Legal Basis
Process and deliver your purchases | Performance of a contract
Manage your account and provide assistance | Performance of a contract or pre-contractual measures; Legitimate interest
Send news and offers (direct marketing) | Consent
Personalise experience and recommendations | Legitimate interest
Improve the site, products, and strategies | Legitimate interest
Comply with legal obligations | Legal obligation
Prevent fraud and ensure security | Legitimate interest
Other specific purposes | Consent or legal obligation

Whenever we rely on legitimate interest as a legal basis, we conduct a Legitimate Interest Assessment (LIA) to ensure that your rights are not prejudiced.

Sharing Data with Third Parties

We do not sell, rent, or commercialise your personal data. However, we may share it with:

  • Service Providers (Data Processors): Transport companies, payment processors, hosting services, marketing tools, and customer support services, which receive only the necessary data and are bound by confidentiality agreements.
  • Ollie Group Companies: For centralised management, with equivalent protection practices.
  • Competent Authorities: When required by law or to protect rights, property, or safety.
  • Business Transactions: In the event of a merger or acquisition, with appropriate safeguards.
  • Third Parties Authorised by You: With your explicit consent.

International Data Transfers

Your data may be transferred outside the European Economic Area (EEA) to service providers or partners. We ensure protection through:

  • EU Standard Contractual Clauses: Contracts approved by the European Commission.
  • Binding Corporate Rules: For intra-group transfers.
  • Other Safeguards: Such as security certifications (e.g., ISO 27001).

Data Retention

We retain your data only for as long as necessary for the purposes outlined:

Type of Data | Retention Period
Account and Profile Data | While you are an active user; thereafter, for the legally required period
Purchase and Billing Data | Up to 10 years (due to fiscal obligations)
Marketing Communications | Until consent is withdrawn
Navigation Data | Up to 6 months, unless anonymised
Support Records | Up to 2 years after case resolution

After these periods, data is securely deleted or anonymised.

Your Rights

Under the GDPR, you have the following rights:

  • Access: See what data we hold about you.
  • Rectification: Correct inaccurate data.
  • Erasure: Request deletion of your data.
  • Restriction of Processing: Restrict data use in certain situations.
  • Objection: Object to processing based on legitimate interest.
  • Data Portability: Receive your data in a machine-readable format.
  • Withdrawal of Consent: Revoke consent at any time.
  • Complaint: Lodge a complaint with a data protection authority (e.g., the Information Commissioner’s Office (ICO) in the UK).

To exercise these rights, please contact us at contact-europe@olliesuncare.com. We will respond within one month, which may be extended to two months for complex requests.

Data Security

We implement measures such as encryption, access controls, and monitoring to protect your data. While no system is completely secure, we are committed to minimising risks.

Cookies and Similar Technologies

We use cookies to enhance your experience, analyse website traffic, and personalise advertisements. Non-essential cookies require your explicit consent, which you can manage through our preference centre or your browser settings.

Changes to This Policy

We may update this policy to reflect legal or operational changes. We will notify you of significant changes. Last updated: 2 June 2025.

Contact Us

If you have any questions, please contact us at contact-europe@olliesuncare.com or by phone at +1 (555) 821-5741. We’re here to help!