Who we are
We are Studio27 a Dutch brand for professional and high quality material for gel and acrylic nails.
Our principal clients are professional nail technicians and people who begins in the nails world. Studio27 is the developer of the innovating nail system “Perfect Shape Molds” which consist on makilng nails with only 3 steps.
Our products can be found in our website www.s27.nl and they can be sent worldwide.
Our contact information
Studio27 is a Company registrated in The Netherlands
Studio27 is the Data Controller of any information collected from you by us.
Our company number is: 04217916
Our registered office address is: Ovenbouwershiek 5, 7328JH, Apeldoorn, The Netherlands
What personal data we collect and why we collect it
The information that we collect is: Name, addres, e-mail and telephone number.
We only use your information where you’ve given us your consent, where its necessary to deliver the products you’ve requested, where it’s necessary to exercise or comply with legal rights or obligations, or for normal business purposes of the kind set out in this policy.
When we need to do so to deliver our products of an order you’ve entered – or are entering – into, such as buying molds or gels.
How we use personal data to perform sales.
- Ensuring our products are accessible and usable by you on your specific device, for example by altering the way we display information to you based on your device type;
- Generating results in response to your search queries, for example providing you with a list of products and variations that best meet your requirements;
- Where you select a delivery method that you’d like to to receive your product(s):
- facilitating the completion of that order from within our services, which will involve us collecting and transferring to that package delivery company all information required to enable the product to be delivered, including your contact details (Name, address,e mail and telephone number) and payment details;
- Responding to communications you have sent us, such as via our email, email form on our website or on social media; and
- Where you have created an account with us, maintaining and administering this and ensuring that it is kept up-to-date and accessible;
To improve or optimise our services and to otherwise protect or further our legitimate interests. This includes pretty serious reasons like fraud prevention and security but also fun ones like product enhancement so we can keep making S27.nl even better for our customers.
Our legitimate interests.
- Security and fraud-prevention purposes, we do not hold any information about your credit card, it is all made by Paypal account or Ideal account;
- Identifying and correcting faults with our services or areas for improvement through use of information like browser type, operating system, locale and language information and general site activity alongside any specific feedback you may provide to us from time to time;
- Providing customer service or help services to you in relation to any questions you raise or issues you might encounter while using ordering our products;
- Understanding and evaluating how, when and why people are using s27.nlfor the purposes of delivering, evaluating, improving and optimising the delivery of our products.
- Measuring the effectiveness of our communications through recording and analysing whether emails we have sent users have been opened.
- Personalising your experience of our services in order to ensure your experience on Studio27 is as helpful, efficient and relevant as possible. For example:
- If you have asked us to send you newsletters or other marketing communications, we may tailor the timings or content of these to reflect what we believe will be of most interest to you;
- Personalising your experience involves us creating a profile and timeline of your activity on our services. However, we are careful to ensure that our activities do not involve undertaking any profiling or automated decision making that might have any legal or other significant effects on you.
Where we process your personal data based on a legitimate interest we will only do so where the processing is relevant, adequate and limited to what is necessary for the purpose it was collected for. And of course, we’ll always ensure our legitimate interests don’t unfairly impact on your own rights and freedoms.
When we have your consent. More on when we rely on your consent.
We will obtain your consent for purposes such as:
- Sending you emails for products you request such as Price Alerts;
- Sending you direct marketing communications via email, push notification or other means where you have consented to us doing so;
- Storing certain cookies on your device, where doing so requires consent; and
- Recording and evaluating feedback you give us where you agree to take part in one-to-one user testing.
Where we process your personal data based only on your consent, you can withdraw this consent at any time either by using the functionality provided within the appropriate product feature or by contacting us.
Where it’s necessary to exercise or comply with our own legal rights or obligations. Our legal obligations.
We may need to retain and use your information in connection with legal claims, or for compliance, regulatory and auditing purposes. For example we may retain information where we are required by law, or if we are compelled to do so by a court order or regulatory body. Also, when you exercise any applicable legal rights you have to access, amend or delete your personal data, we may request identification and verification documents from you for the purpose of confirming your identity.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Where do we send your data.
Visitor comments may be checked through an automated spam detection service.
We have different retention policies for different types of personal data, taking into account:
We only keep your data for as long as we need it, or are required to for legal reasons. We’ll then either delete it or anonymise it so it doesn’t identify you. We treat data differently depending on what it’s used for, but you can ask us to delete your personal data at any time.
We keep your personal data only for as long as we need to. This depends on why it was collected, or if we have a continuing legal basis to do so (such as to fulfil a contract between us, perform a service you requested or for our legitimate interests). Rest assured, if we no longer have a reason or legal requirement to process your personal data, we will delete it or store it in a way so that it no longer identifies you.
The purpose for collecting the personal data;
How long it will take to fulfil that purpose; and
Any specific reason or overriding legal obligation to retain the personal data for a specific amount of time.
Also, if you have an account with us, we will keep personal data such as your email address, name and other details so you can log in and access our services for as long as you have an account. We may keep other information indefinitely – such as site activity linked to an IP address – which we use to help us understand our customers, improve our products and services and protect our business interests.
No matter how long the retention period, you can ask us to delete your personal data in certain circumstances. Find out more about how you can manage your personal data in the What are your choices and rights? section of this policy.
What are your choices and rights?
If you’ve got a www.S27.nl account, you can access, edit, download or delete the key personal data associated with your profile at any time by going to your Profile. From here you can also manage your subscription and marketing preferences.
You also have rights in relation to the personal data we have about you, which we explain in more detail below. You can exercise these rights by getting in touch with us via our Contact Area.
You have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to obtain the personal data you have provided to us in a structured, machine readable format. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to S27.nl processing your data, this will not affect any processing which has already taken place at that time.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to a data protection authority.
To the extent that you’re unable to satisfactorily exercise any of these rights via your Profile, you can do so by contacting our Data Protection Officer via our Contact Area.
If you have unresolved concerns, you have the right to complain to a data protection authority.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
When is your information shared with or collected by third parties?
We share your information only where you ask us to, where it’s a necessary part of doing business with you and providing you with the products, or where we need to for legal reasons. Companies that help us deliver our products will also collect and use your data on our behalf.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
How do we keep your personal data secure?
Safeguarding your privacy is embedded in our culture and we use a combination of industry-standard methods to protect it.
Keeping your personal data secure is our highest priority. We limit access to only those www.s27.nl group employees who have to come into contact with your information to do their jobs and deliver our services.
Unfortunately, no website or app can guarantee complete security but we have created an organisation-wide security program designed to keep your personal data as safe as possible. It uses a range of technical, organisational and administrative security measures and best-practice techniques, depending on the type of data being processed. For example, the computer systems we use to store your data have access limitations and in-cloud based servers that use industry-standard disc encryption. We use TLS and HTTPS encryption to protect your personal data when we transfer it across the internet. And we carry out security assessments on Third Party Processors who handle your data.
To make sure we maintain a culture of ‘Privacy by Design’, we provide thorough data protection and privacy training to all www.s27.nl group employees. We develop our services with the goal of using the minimum amount of personal data possible, including through use of data minimisation techniques like anonymisation and pseudonymisation. Also, whenever we develop or update our services in ways that involve the collection or use of new forms of personal data, we conduct a privacy impact assessment to understand, and reduce, the likelihood of any unintended impact on you.
Where do we store your information?
Your data is securely stored in data centers around the world – the exact location depends on where you are when you use www.s27.nl. Your data will only be processed by suppliers who provide appropriate contractual safeguards for the information they process. Sometimes your data may be stored in countries with different levels of security to your own but we always make sure their standards meet ours.
We store the information we collect from you on secure servers in various locations, depending on where you are in the world when you access our site. Currently, we use servers that are located in United States of America, they may change depending of the needs of the company. These servers are provided and/or supported by third parties acting under our instruction.
Sometimes the countries that your data is transferred to, or stored in, may have different, or less stringent, data protection and security standards than your own. However, subject to the local laws in these countries, we’ll provide the safeguards needed to protect your data regardless of location. We do this through a combination of appropriate technical, organisational and administrative security measures, and by putting in place the necessary legal contracts to backup these requirements. For example, we will only store European users’ personal data outside the European Economic Area where a European Commission-approved method of validating the transfer has been put in place.