Version applicable as of 10 June 2021
This Privacy Policy (‘policy’) describes how EcomLT LLC (trading as Derila Weighted Eye Mask, hereinafter referred to as the “Company”, “we”, “us”, “our”) collects, uses, discloses, and stores your personal information and what statutory rights do you have.
We are: EcomLT LLC, trading as Derila Weighted Eye Mask;
Our company number is: 5416329
Our address: 1616 Westgate Circle, Brentwood, TN 37027, USA
Our e-mail address: support@derila.com
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When you purchase our products | First name, last name, delivery address, phone number, email address, information about your paid purchase price and currency, your credit card brand, type, BIN number and credit card issuer country, IP address, language, device type, payment history | Contract (Art. 6 (1) (b) of GDPR). | From yourself | It is a requirement necessary to enter into a contract. If you do not provide this information, you will not be able to purchase and receive our products. | 10 years |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When you use our website or violated our Terms of Service | IP address, device information and ID, web browser information, information on your activity at our website, country, information about violations of Terms of Service and inclusion into a blacklist | Legitimate interest (security and improvement of our website) (Art. 6 (1) (f) of GDPR) | From yourself | No | 1 month after your last use of website; 10 years for information on violations of Terms of Service and blacklist |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When you submit an inquiry or file a complaint to our customer support | First name, last name, e-mail address, country, telephone number, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, reply to your inquiry, customer contact history, order ID | Consent (Art. 6 (1) (a) of GDPR)) | From yourself Customer support service providers |
No | 10 years from the moment your last inquiry was received |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When we want to inform you or ask your opinion about our products or show you internet ads | Full name, e-mail, telephone number, IP address, order information, country, postback information, website that directed the company’s website, your interaction with internet add | Consent (Art. 6 (1) (a) of GDPR)) Customer relationship Legitimate interest (direct marketing and internet ads) (Art. 6 (1) (f) of GDPR) |
From yourself Social media service providers Marketing service providers E-commerce providers |
No | 5 years, unless you opt-out |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
If you interact with our social media profiles (e.g., send a message, follow our profiles, share a post, react to a post) | Name and surname, e-mail address, gender, country, picture, message, time and date the message was received, content of the message, message attachments, response to the message, time of response to the message, information about Company’s rating, comments on a post, post shares, information about post reactions. | Consent (Art. 6 (1) (a) of GDPR)) | From yourself and social media service providers | No | 10 years from from your last interaction with our social media profiles |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When we receive your application for a job position, when you give us your consent for storing your CV, or we contact you based on the information you publicly disclose on professional social media platforms | Full name, e-mail, phone number, CV, work experience, other information you provide us with | Consent (Art. 6 (1) (f) of GDPR) Contract (Art. 6 (1) (b) of GDPR). Legitimate interest (to contact you if you made your information public) (Art. 6 (1) (f) of GDPR) |
From yourself Professional social media service providers HR agencies |
It is a requirement necessary to enter into a contract only where we intend to enter into an employment contract with you. If you do not provide this information, we will not be able to enter into an employment contract with you. | 6 months after the end of the relevant recruitment process 5 years after you give us your consent or publicly disclose your information on professional social media platforms |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
When you order our products | Full name, e-mail address, telephone number, bank account number, address, signature, invoices, reports, accounting documents, payments, paid amounts, other information we are statutorily required to collect | Legal obligation (Art. 6 (1) (c) of GDPR) | From yourself Audit service providers |
It is a statutory requirement. If you do not provide this information, you will not be able to buy goods or services from us | 10 years following a transaction |
When is this relevant for me? | What information do you collect about me | What is your legal basis to collect my information? | Where do you collect the information from? | Am I obliged to provide this information? | How long do you store information about me? |
In case we become a party to legal process which you are subject to or we are statutorily required to collect information about you | All of the afore-mentioned information, accounting and legal case files, legal documents, other information you provide us with, other information that we are statutorily required to collect and/or provide | Legal obligation (Art. 6 (1) (c) of GDPR) Legitimate interest (to protect our rights and interests) (Art. 6 (1) (f) of GDPR). |
From afore-mentioned sources, law enforcement authorities, parties that are subject to legal process, courts | Yes, where we are statutorily obliged to collect personal information | 10 years following the end of contractual relationship with us or, whichever is longer, for the duration of legal process and 3 years after a final authority decision came into full force |
If the case arises - information about criminal offenses and convictions | Establishment, exercise, or defence of legal claims (Art. 9 (2) (f) of the GDPR) |
We share your information with information recipients, both within and outside European Economic Area (EEA), in cases where necessary for the above-describe purposes and allowed in accordance with applicable laws.
The information we receive from you in connection with the SMS Services may include your cell phone number, the name of your network operator and the date, time and content of your SMS. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. For more information about how we use your personal information, including phone numbers, please refer to our privacy policy.
Information recipient or category of information recipient | Purpose of information transfer | Country of the recipient | European Commission decision on whether a non-EEA country has an adequate level of information protection | Suitable safeguards that protect my information, when it is transferred to non-EEA countries |
Accounting and audit service providers | To fulfil statutory accounting requirements | EU | N/A | N/A |
Archiving service providers | To keep our archive | EU | N/A | N/A |
Electronic communication service providers | To operate our electronic communications | EU | N/A | N/A |
Attorneys, notaries, bailiffs, auditors, data protection officers, consultants | To ensure our compliance, defend our rights and interests | EU | N/A | N/A |
E-mail and cloud hosting service providers | To operate IT resources | Worldwide | No | EU Standard Contractual Clauses |
Banking, payment processing and other financial service providers | To process payments | Worldwide | No | EU Standard Contractual Clauses |
Marketing and telemarketing service providers | To market our products | Worldwide | No | EU Standard Contractual Clauses |
Shipping service providers and fulfillment centers | To ship our products | Worldwide | No | EU Standard Contractual Clauses |
Customer support service providers | To provide customer support | Worldwide | No | EU Standard Contractual Clauses |
Social media service providers | To manage our social media profiles | Worldwide | No | EU Standard Contractual Clauses |
Subject to conditions and limitations established by applicable laws, you have a right (i) to receive a confirmation as to whether we collect the information related to you and to request access to that information; (ii) to correct inaccurate or incorrect information, or to supplement it when it is incomplete; (iii) to delete the information we have about you; (iv) to restrict the use of your information where you challenge the accuracy of the information, object to the processing of the information or need your information for legal purposes; (v) to request your information in a structured, commonly used and machine-readable format (vi) to object to the processing of the information; (vii) to withdraw any consent given to us regarding the processing of your information; (viii) to file a complaint with supervisory authorities; and (ix) not to receive discriminatory treatment while exercising your rights. More detailed information on your rights and the cases where they are applicable is provided in the sections below.
You have the right to request that we disclose certain information to you about our collection and use of your information. Once we receive and verify your request we will disclose to you the categories of personal information we collected about you, the categories of sources for the personal information we collected about you, our business or commercial purposes for collecting that personal information, the categories of third parties with whom we share that personal information, the specific pieces of personal information we collected about you and other information that we are obliged to provide under the applicable laws. We have disclosed the information to third parties for a business or commercial purpose as described in Section 4 of this policy.
You have the right to obtain the rectification of inaccurate personal information concerning you. Taking into account the purposes of the processing, you have the right to have incomplete information completed, including by means of providing a supplementary statement.
You have the right to request the deletion of your information collected and maintained by us in the cases where (i) information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you withdraw consent on which the processing is based and there is no other legal ground for the processing; (iii) when you object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes; (iv) the information have been unlawfully processed; (v) where the information have to be erased for compliance with a legal obligation; (vi) the information have been collected in relation to the offer of information society services directly to a child and subject to a consent. Once we receive and verify your request, we will delete (and direct our service providers to delete) your information from our records, unless applicable laws do not provide for deletion of the information in a particular case (for instance, retaining the information is necessary for us or our service provider(s) to complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, comply with a legal obligation, make other internal and lawful uses of that information that are compatible with the context in which you provided it).
You have the right to restrict the processing of your information in the cases where (i) the accuracy of the personal information is contested by you; (ii) the processing is unlawful and you oppose the erasure of the personal information and request the restriction of their use instead; (iii) where we no longer need the personal information for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; (iv) where you have objected to processing.
You have the right to information portability in the cases when you seek to receive the information you have provided in a structured, commonly used and machine-readable form or to transmit that information to another controller where the processing is based on consent or on a contract and is carried out by automated means.
You have the right to object to the processing of your information where the collection and use is based on a task carried out in the public interest or in the exercise of official authority vested or legitimate interest, including profiling, as explained in Section 3 of this policy, or where you object to the collection of your personal information for direct marketing purposes.
You have the right to withdraw any consent given regarding the processing of your information where the processing is based on consent, as explained in Section 3 of this policy, and you seek to withdraw it at any time.
You have the right to file a complaint with supervisory authorities where you want to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the GDPR.
When you exercise your rights enshrined in applicable laws, you also have the right to non-discrimination. For example, because you exercised your rights under applicable laws, you will not be denied of any goods or services, charged with a different price, provided a different quality of good and services etc.
If you would like to exercise your rights described above, please submit a request to us via e-mail at support@derila.com or our toll-free telephone number: +1 (205) 782-7133 (US).
Sure. You may use an authorized agent to submit a request to opt-out on your behalf if you provide us with the authorized agent written permission to do so. If this is the case, please provide us with a copy of the said permission as instructed under the Section 18 of this policy below. We may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf. You may also make a request on behalf of your minor child.
No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.
Yes, our website places the following cookies on your device
Cookie Name | Cookie Description | Cookie Expiry |
Strictly Necessary & Statistics Cookies | ||
_fbp | Used to distinguish and keep track of unique users | 3 months |
_ga | This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. | 2 years |
_gat | This cookie is used b y Google Analytics to throttle request rate. | 1 day |
_gid | This cookie stores and update a unique value for each page visited and is used to count and track page views. | 1 day |
__cfruid | Cookie associated with sites using CloudFlare, used to identify trusted web traffic. | During your session only |
_fw_crm_v | Used to track Visitor/User identity and chat sessions performed by the User | 1 year |
_hjid | Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. | 1 year |
_uetvid | This is a cookie utilised by Microsoft Bing Ads. It allows us to engage with a user that has previously visited our website. | 1 year |
XSRF-TOKEN | This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks. | 1 day |
enence_session | This is used to hold information about your current visit with us. This cookie is essential to the functionality of the site. | While visiting the website only |
c | This cookie is used in order to detect spam and improve the web site's security. Does not store visitor specific data. | 2 years |
soundestID | This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website. | While visiting the website only |
soundtest-views | Assigns a specific ID to the visitor - This allows the website to determine the number of specific user-visits for analysis and statistics. | While visiting the website only |
Marketing Cookies | ||
ads/ga-audiences | This cookie is used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across web sites. | While visiting the website only |
REST/webTracking/v1/event | This cookie measures the efficiency of the web site’s marketing. The cookie is used to measure the conversion rate between website marketing and telephone response. | While visiting the website only |
Targeting Cookies | ||
_gat_gtag_UA_136786017_1 | This cookie is part of Google Analytics and is used to limit requests (throttle request rate). | 1 minute |
You can configure your browser to decline some or all cookies or to ask for your permission before accepting them. Please note that by deleting cookies or disabling future cookies you may be unable to access certain areas or features of our website. You can control the use of functionality cookies, targeting cookies or advertising cookies by adjusting your browser settings. To find out how to manage cookies in your browser, please visit one of the links below:
If you have any questions, comments, or complaints regarding how we collect, use, and store your personal information, our data protection officers are ready to help you. If you need their help, you may contact them at any time via dpo@ekomlita.com.
® 2024 Derila Weighted Eye Mask All rights reserved.