Adoreal General Privacy Notice

For Patients, HCPs/Clinic Staff, Website Visitors

Welcome to the Adoreal Privacy Notice.

Introduction
This privacy notice is intended for:

  • users of Adoreal’s services;
  • visitors to Adoreal’s websites;
  • users of Adoreal’s systems and applications; 
  • members of the general public who are interested in contacting or are being contacted by Adoreal; and
  • any individual who has received this notice.

Adoreal understands that privacy is important to you. We are committed to treating your personal data with care and integrity.

Our privacy notice tells you what personal data we collect and how we collect it, including any data you may provide through this website when you visit the site or inquire about a product or service or take part in an event. It explains what we use your personal data for and how we protect your personal data and keep it safe. This privacy notice explains our general practices. However, where local laws or regulations require that we process information differently, or refrain from such processing, we will always comply with the applicable local law. This website is not intended for children and we do not knowingly collect data relating to children.

Adoreal values your privacy. Adoreal is made up of different legal companies related to us by common control or ownership (the “Adoreal Group”). This privacy notice is issued on behalf of the Adoreal Group so when we mention “Adoreal”, “we”, “us” or “our”, this is who we are referring to. Adoreal Limited (incorporated in the Republic of Ireland under number 72345090 D, whose registered office is at South Circular Road,Dublin 8, Ireland) is the controller and responsible for this website.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements other notices and privacy policies and is not intended to override them.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

Contact details ([email protected])

If you have any questions about this privacy notice or our privacy practices, please contact our DPO in the following ways:
Full name of legal entity: Adoreal Limited
Email address: [email protected]

You have the right to make a complaint at any time to the data protection regulator in the country where you usually live or work, or where the alleged data protection infringement has taken place.  We would, however, appreciate the chance to deal with your concerns before you approach the applicable data protection regulator so please contact us in the first instance.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Personal data means any information or piece of information which could identify you either directly (e.g. your name) or indirectly (e.g. a unique ID number).

In this privacy notice, we explain:

  • Who is the controller of your personal data?
  • Contact information and your privacy point of contact
  • What personal data do we collect about you?
  • How do we collect your personal data?
  • How do we use your personal data?
  • Why are we allowed to collect and use your personal data?
  • How do we protect your personal data?
  • What are your rights regarding your personal data?
  • With whom do we share your personal data?
  • In what instances do we transfer your personal data outside of your home country?
  • Additional information if you are in the European Economic Area (EEA)
  • Information about children
  • Cookies, Website and Application Data; Use for Analytics and Marketing
  • Third Party Marketing
  • Opting out
  • Change of Purpose
  • How we update this Privacy Notice?
  • Our responsibility regarding websites that we do not own or control

Who is the controller of your personal data?

Adoreal Limited (incorporated in theRepublic of Ireland under number 72345090 D, whose registered office is at South Circular Road, Dublin 8, Ireland) (“Adoreal”) together with the local Adoreal company which has a relationship with you, are the controllers of your personal data.

Contact information and your privacy point of contact

If you want to exercise your rights, have any questions about this privacy notice, need more information or would like to raise a concern, each local privacy point of contact’s details can be found by contacting [email protected].

What personal data do we collect about you?

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). The personal data we collect, and process, may include:

  • Identity data – your name, surname (including prefix or title), alias, gender, age or date of birth, social security number, as well as your preferred language. Similar information about children may also be collected in very limited circumstances, see ‘Information about children’ for more information; 
  • Contact data – information that enables us to contact you, e.g. your personal or business email, mailing address, telephone numbers and profile on a social media platform; 
  • Special Categories of personal data- information about your health, medical treatment;
  • Technical data and network activity information – information about your device and your usage of our websites, apps and systems, including your IP address, device ID, hardware model and version, mobile network information, operating system, platform and other online identifiers, type of browser, browser plug-in types and versions, browsing history, search history, access time, pages viewed, URLs clicked on, forms submitted, time zone setting/physical location and other technology on the devices that you use to access our website;
  • Financial information –your credit card, paypal account or bank details, including account name, account number and sort code if payments are made by you to Adoreal;
  • Usage data – data related to your use of our services offered (including feedback), your purchase history and preferences, your interactions with us, your preferred method of communications with us, and services you may use relating to your selection of aesthetic/cosmetic/plastic surgery practitioners and institutions/clinics;
  • Health information – your health status, health conditions you are experiencing and health information inferred from information that you have provided to us, including an aesthetic assessment where you would be asked questions related to any previous procedures/treatment that you have had, and your potential maximum expenditure. We will also collect feedback from you on your feelings towards your consultation, treatment and post-surgical experience so that we can maintain and improve our service and reduce barriers in communication between you and your healthcare provider;
  • Marketing and Communications Data - includes your preferences in receiving marketing from us and your communication preferences; and
  • Audio visual – photos, videos and voice recordings of you, if you submit those to us.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

You can choose not to give us personal data when we ask you for it. If you decide not to give us your personal data, it may restrict our relationship with you. For example, we may not be able to provide you with the services that you have requested.

How do we collect your personal data?

Directly from you when you:

  • Create an account and profile on one of our websites, or apps - As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookie Notice;
  • A clinic creates an account for you as a patient with Adoreal – therefore the clinic that you have contacted may proceed to then create your Adoreal account with Adoreal on your behalf; 
  • Register with us to use Adoreal’s authentication services (currently OTP via mobile phone and email); 
  • Use our websites, apps and systems to inquire about our services;
  • Share or use your social media profile to contact Adoreal; 
  • Sign up with us to receive promotional material;
  • Get in touch for support or to provide feedback;
  • Attend future online events that Adoreal may organise, such as a webcast;
  • Respond to any self-assessment surveys that you may choose to participate in; and
  • Share adverse events or medical information enquiries with us.

From other sources:

  • When you talk about us online, like when you mention Adoreal product in a Tweet or other social media.  If you connect your social media account to our websites, or apps, you will share certain personal data from your social media account with us. This may include your name, email address, photo, list of social media contacts, and any other information you make accessible to us when you connect your social media account to our websites, or apps; and
  • We will receive personal data about you from various third parties, for example, analytics providers such as Google based outside the UK.

How do we use your personal data?

When the law allows us to, we use your personal data for the purposes we have described below in this privacy notice, or for purposes which are reasonably compatible to the ones described:

  1. 1. Purposes -
  2. a. We will receive personal data about you from various third parties, for example, analytics providers such as Google based outside the UK.
  3. b. To perform the contract (for services to you if are a patient/consumer, or the employment contract if you are an employee of Adoreal) that we are about to enter into or have entered into with you, or where it is necessary for our legitimate interests (see below), or those of a third party and your interests and fundamental rights do not override those interests. If you are a patient, Adoreal aims to use your personal data in order to reduce barriers in communication with your healthcare professional/institution/clinic;
  4. c. Where we need to comply with a legal obligation (see below); or
  5. d. To manage and improve Adoreal’s processes and our business operations.
  1. 2. Practically - this means that we will use your personal data to:
  2. a. Provide our products andservices to you;
  3. b. Provide online services to you if you are a patient/consumer –
  4. c. Provide employment opportunities if you are not a patient, but you are interested in applying to be an employee of Adoreal;
  5. e. Identify you and authenticate your access rights to our websites, systems and apps;
  6. f.  To respond to your queries and provide you with information when you request it or when we believe our services may be of interest to you. If we intend to share electronic marketing with you, we will ask for your consent where required and you can opt out at any time;
  7. g. Invite you to provide feedback, participate in research, surveys or attend events;
  8. h. Personalise your experience when interacting with Adoreal;
  9. i. Respond to you if you report adverse events to us – adverse events from your treatment should be reported to the healthcare professional/institution/clinic who treated you, so that medical assessment can be made; and
  10. j. Perform analytics, market research and segmentation to understand your preferences, improve our products and services and our communications to you.
  11. k. Manage our network and information systems security; 
  12. l. Manage our workforce effectively;
  13. m. Respond to reports you make of a possible side effect associated with your treatment by asking you to return to the healthcare professional/institution/clinic that treated you;
  14. n. Keep records related to our relationship with healthcare professionals;
  15. o. Perform data analyses, auditing and research to help us deliver and improve our Adoreal digital platforms, content and services;
  16. p. Monitor and analyse trends, usage and activities in connection with our services to understand which parts of our services are of the most interest and to improve them accordingly; and
  17. q. Prepare and perform management reporting and analysis, including analytics and metrics.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before:

(1) anonymising your personal data with a view to performing analytics on anonymised/aggregated data from which you will not be identifiable; and

(2) sending you direct marketing communications to you via email. Please note that Adoreal’s contact with patients is governed by Adoreal’s terms and conditions with the patient.  Even after any termination of a contract between Adoreal and a healthcare professional/institution/clinic, Adoreal may retain patient contact details. Adoreal may continue appropriate specific marketing activities towards such patients in respect of that patient’s previous contact with Adoreal, pursuant to the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as may be updated from time to time).

You have the right to withdraw consent to these activities at any time by contacting us at [email protected]

“Legitimate interest” means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent orare otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

“Performance of a contract” means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

“Comply with a legal obligation” means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

To achieve other purposes.

We will use your personal data:

  • To follow applicable laws and regulations;
  • To respond to requests from competent public authorities;
  • To tell you about changes to our terms, conditions and policies;
  • To exercise or defend Adoreal against potential, threatened or actual litigation;
  • To investigate and take action against illegal or harmful behaviour of users.
  • To protect Adoreal, your vital interests, or those of another person;
  • To gain insights and feedback on our services in order to correct or improve them, by analysing information from external sources such as Google, Facebook and Twitter (and others);
  • To deliver services to you via your smart device and our mobile apps; and
  • When we sell, assign or transfer all or part of our business.

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer (a) Identity
(b) Contact
Performance of a contract with you
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey
(a) Identity
(b) Contact
(c) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website
(including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
(a) Identity
(b) Contact
(c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences (a) Technical
(b) Usage
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about services that may be of interest to you (a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Marketing and Communications
Necessary for our legitimate interests (to develop our products/services and grow our business) and/or Your consent to receiving direct Marketing and Communications

Why are we allowed to collect and use your personal data?

We can collect and use your personal data when one of the following applies:

  • 1. To take steps before entering into a contract or perform a contract; 
  • 2. To follow the law, for example:
  • a. Record-keeping regulatory monitoring and reporting obligations, including those related to adverse events, product complaints and product safety; and
  • b. Complying with anti-corruption and transparency obligations;
  • c. You have specifically given us your permission when such permission is obligatory (the law calls it“consent”). You can withdraw your consent at any time. We will normally need your consent in the following circumstances:
  • i. Placing cookies on your device to find out how you use our websites so we can personalise what you see by tailoring content and notifications to the things you are interested in;
  • ii. Certain situations where you share sensitive personal data about yourself, such as your health, although GDPR does allow us to process your sensitive personal data if it is under a contract with your treating healthcare professional/institution/clinic in order to assist with the provision of medical treatment to you;
  • iii. Before we send you certain electronic marketing communications; and
  • iv. In any other situation where personal data processing relies upon your consent.
  • 3. We need to use your personal data for legitimate business purposes, for example, to enable us to run our business successfully. These include:
  • a. Sending direct marketing materials to you where you have already contacted us about your interest in exploring treatments in aesthetic/cosmetic/plastic surgery (you will always have the right to opt out of marketing and promotional communications);
  • b. Conducting audits and internal investigations and complying with internal policies on anti-bribery and conflict of interest;
  • c. Managing our IT and communications systems and networks;
  • d. Planning and improving our business activities;
  • e. Conducting training and gathering feedback for ensuring quality control;
  • f. Protecting our rights, privacy, safety or property, and/or that of our affiliates, you or others;
  • g. To provide the functionality of the services we provide you, which includes arranging access to your registered account, and providing you with related customer service;
  • h. Verifying your eligibility to access certain services and data that may be provided only to licensed healthcare professionals or otherwise conducting background checks to ensure we are not precluded from offering services to you;
  • i. Analysing or predicting your preferences to identify aggregated trends to develop, improve or modify our services and business activities;
  • j. Responding to and handling your queries or requests;
  • k. Sending administrative information to you, such as changes to our terms, conditions and policies;
  • l. Completing your transactions and providing you with related customer service; and
  • m. Reaching out to you to provide information about our services or request input on surveys relating to our services;
  • n. For the establishment, exercise or defence of legal claims or proceedings;
  • o. To protect your vital interests or those of others; and
  • p. Because it is necessary for reasons of substantial public interest, on the basis of applicable laws.

How do we protect your personal data?

We want to make sure your personal data is not shared with or used by those not allowed to see it. We use a variety of security measures and technologies to help protect your personal data.

We carefully choose service providers to work with, and check they have security measures and technologies in place to protect your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

However, there are no guarantees that adata transmission or storage system is 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us using the details at the ‘Contact information and your privacy point of contact’ section.

What are your rights regarding your personal data?

You have rights we need to make you aware of. The rights available to you depend on our reason for processing your personal data and the local law in your jurisdiction, and there are exceptions to some rights. Depending on this you may have the right to:

1. Withdraw your consent to us processing your personal data at any time for direct marketing purposes or where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you with draw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent, please contact [email protected] for further details.  This withdrawal request will need to be handled by the Adoreal data protection officer, to assess what personal data (if any) can be deleted, and if so, for what specific use. Please note that personal data that forms apart of medical records cannot be deleted as a matter of public policy;

2. Ask Adoreal about the processing of your personal data including to be provided with copies of your personal data (through a "data subject access request").;

3. Ask us to correct information you think is inaccurate or incomplete, although we may need to verify the accuracy of the new data you provide to us;

4. Ask us to delete your personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request;

5. Ask us to restrict the processing of your information.  This enables you to ask us to suspend the processing of your personal data in the following scenarios:
a.    If you want us to establish the data's accuracy;
b.    Where our use of the data is unlawful but you do not want us to erase it;
c.     Where you need us to hold the data even if we no longer require it as you need it to
d.    establish, exercise or defend legal claims; or
e.    You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

6. Object to our processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms; 

7. Ask that we transfer information you have given us from one organisation to another, or to give it to you.  We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you; and8.    Complain to your local data protection authority.

You can find out how to get in touch with us to ask us to do any of the above by looking at the ‘Contact information and your privacy point of contact’ section.

For your protection, and to protect the privacy of others, we may need to verify your identity before completing what you have asked us to do and to ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Where we have relied upon your permission to use your personal data, and you later withdraw that permission, we may not be able to complete some of the activities described in ‘How do we use your personal data’. 

How long do we keep your personal data?

In some jurisdictions, we are legally required to keep your personal data for certain periods. How long depends on the specific legal requirements of the jurisdiction you are in when you share your information with us.

We will always keep your personal data for the period required by law and where we need to do so in connection with legal action or an investigation involving Adoreal. Otherwise, we will keep your personal data for as long as we have a relationship with you, in order to respond or process a question or request from you. Adoreal’s contact with patients is governed by Adoreal’s terms and conditions with the patient. Even after any termination of a contract between Adoreal and a healthcare professional/institution/clinic, Adoreal may retain patient contact details and Adoreal may continue appropriate specific marketing activities towards such patients in respect of that patient’s previous contact with Adoreal, pursuant to the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as may be updated from time to time); and

We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

Insofar as the processing of personal data is based on your consent, we will delete this data if you withdraw your consent, subject to the technical ability to do so and so far as such a deletion would not require disproportionate effort on our part. This deletion request will need to be handled by the Adoreal data protection officer, to assess what personal data (if any) can be deleted, and if so, for what specific use. Please note that personal data that forms a part of medical records cannot be deleted as a matter of public policy.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

With whom do we share your personal data?

We share your personal data on a need to know basis, and to the extent necessary to follow laws and regulations, and in the context of managing our relationship with you.

We share your personal data only with teams in our Adoreal companies and affiliates who need to see it to do their jobs. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We will also share your personal data with other entities, for example:

  • Marketing agencies working withAdoreal to improve its patient/consumer offering;
  • Technology suppliers and system administration services providers who work with us to develop and improve our websites, digital forums and apps;
  • Media services providers who work with us;
  • Any entity who may acquire us or part of our business or brands. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice;
  • Suppliers of healthcare professionals/institutions/clinics that are managing adverse event reports;
  • Local or foreign regulators, courts, governments, tax authorities and law enforcement authorities who require reporting of processing activities in certain circumstances; and
  • Professional advisors, such as insurers, bankers, auditors, accountants and lawyers.

In what instances do we transfer your personal data outside of your home country?

We work all over the world. Therefore, where your applicable law allows it, we may need to transfer and use your personal data outside of the country where we collect it from you. We implement appropriate measures to protect your personal data when we transfer your personal data outside of your home country such as data transfer agreements that incorporate standard data protection clauses. The data privacy laws in the countries we transfer it to may not be the same as the laws in your home country. Law enforcement agencies, regulatory agencies, security authorities or courts in the countries we transfer your personal data to may have the right to see your personal data.  If applicable law does not allow transfer of specific personal data outside a country, we will comply with that applicable law.

Additional information if you are based in the European Economic Area (EEA)

The European Commission recognises that some countries outside the EEA have similar data protection standards. If we transfer your personal data to a country outside the EEA that does not have similar data protection standards, we do so based on standard contract clauses adopted by the European Commission, to ensure the respective recipient protects your Personal Data adequately in accordance with this privacy notice. These enable us to make international transfers of personal data within our group of companies and meet the data protection laws of theEuropean Union and the General Data Protection Regulation (GDPR).

Information about Children

Whilst our services are not ordinarily directed to children, occasionally we may receive your child’s data, for example, if you provide that personal data to us because you are looking for a treatment for them that involves aesthetic/cosmetic/plastic surgery. We will only ever receive this with your consent. Please see ‘What personal data we collect about you’ for more information.

Cookies, Website and Application Data; Use for Analytics and Marketing

Our websites may use cookies and similar technologies. You can choose to accept or decline cookies. If you choose to decline cookies, not all elements of our websites, apps and services may function as intended, so your experience may be affected.

To the extent that your local laws consider the information collected by cookies and other technologies as personal data, we will treat that information to the standards set out in this privacy notice.

We strive to provide you with choices regarding certain personal data uses, particularly around marketing communications from us and/or the relevant company in the Adoreal Group.  You will receive marketing communications from us or the relevant company in the Adoreal Group if you have requested information from us or the relevant company in the Adoreal Group and you have not opted out of receiving that marketing.

We collect information about your computer browser type and operating system, websites you visited before and after visiting our websites, standard server log information, Internet Protocol (IP) addresses, location data, mobile phone service provider, and mobile phone operating system. We use this information to understand how our visitors use our websites and mobile applications so that we can improve them, the services we offer, and our advertising. We may also share this information with other companies within the Adoreal group and with other third parties. Some of our websites use Google Analytics, a web analytics service provided by Google, Inc.(“Google”). Google Analytics uses cookies to analyse use patterns and may collect information about your use of the website, including your IP address.More information on Google Analytics can be found here. If you would like to opt-out of having your data used by Google Analytics, you can opt out here.

We also use remarketing services offered by our advertising partners to personalise advertisements for visitors to sites of their advertising networks (i.e. websites other than Adoreal’s). On these pages, you may be shown advertisements that refer to your interactions with Adoreal previously. To turn off personalisation for advertisements served by Google click here. To turn off personalisation for advertisements served by Facebook click here. Many companies that display interest-based advertising are members of the Network Advertising Initiative ("NAI"), the DigitalAdvertising Alliance ("DAA") or the European Interactive DigitalAdvertising Alliance (“EDAA”). To opt-out of interest-based advertising by members of these initiatives, you can visit their websites athttps://optout.networkadvertising.org, https://optout.aboutads.info andhttps://www.youronlinechoices.com.

We may use the data you share with us to make decisions about your interests and preferences so we can make the marketing materials we send you more relevant. We may also combine the information we hold about you with data about your interests or demographics that third parties have collected from you online and offline, to make your experience more personalised and further tailor our marketing materials. You have certain rights in relation to this – please see 'What are your rights regarding your personal data?' above for further information.

We use Facebook custom audience tools. This allows us to provide personalised advertising to you when you use Facebook’s platforms by matching the email address we hold for you with the email addressFacebook holds for you, to show you the most relevant Adoreal advertisements. We only do this where you have given us consent. Sometimes we may also use information about you to build lookalike models. This allows us to generate similar audiences of prospective customers (who may have similar interests or demographics to you) through advertising platforms like Facebook or Google, based on data that the advertising platform holds about other people. Usually this means sharing your email address with our advertising partners. If you wish to opt out of similar audiences in Google, you can do so here.

Third Party Marketing

Adoreal does not share your personal data with any third party for marketing purposes. In the event, we wish to do so, we will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

Opting out

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at [email protected].

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Notice.

Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

How do we update this Privacy Notice

From time to time, we will update this Privacy Notice. Any changes become effective when we post the revised Privacy Notice on the Adoreal website. This Privacy Notice was last updated as of the“Last Updated” date shown above. If updating changes are significant, we will provide a more prominent notice to let you know what the changes are.

Our responsibility regarding websites that we do not own or control.

Our websites and applications may contain links to third party websites, plug-ins or mobile applications we do not own or control. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. Our Privacy Notice does not cover them. Please read the privacy notices on those websites and mobile applications if you would like to find out how they collect, use and share your personal data.