Privacy Policy.

Privacy Policy version 2.1, effective date 21st May 2018

This Privacy Policy describes the information ("data") that we ("Creasis Ltd.") gather on or through our services (and the reasons why) as well as how we use and disclose such information, and the steps we take to protect such information. Your data is important and that is why we are committed to safeguarding the privacy of our website visitors and users of our services.

As you may be aware, the EU General Data Protection Regulation becomes law as of the 25th May 2018. The regulation ensures the security of the personal data of EU citizens irrespective of where the processing of their personal data takes place. Consequently, our privacy policy takes the GDPR into account. For more information regarding the GDPR please visit the Information Commissioner's Office or your national information authority.

Creasis Limited is a company registered in England and Wales (company number 08833489). We are registered with the UK Data Protection Registrar, reference number ZA392959.

1. Introduction

1.1 In this policy, "we", "us" and "our" refer to Creasis Ltd.

1.2 “Client”, "User", "Visitor" refer to "you", a customer of Creasis Ltd.

1.3 "Services" includes our websites, applications and other platforms such as our CMS.

1.2 This policy applies where we are acting as a "data controller" with respect to the personal data of our website visitors and service users; in other words, why we process personal data and by what means.

1.4 We use cookies on our website. Not all cookies are strictly necessary for the operation of our website, so we will explicitly ask you to consent to our use of cookies when you first visit our website or use our services.

2. Definitions

2.1 For a detailed breakdown of GDPR related terms please see the following ICO Guidance.

3. Data We Process

3.1 We may process certain types of personal data about you as follows:

3.2 We do not collect any Sensitive Data about you, neither do we collect any information about criminal convictions and offences.

4. How We Collect Data

4.1 Direct Communication: You may provide your personal data by filling in a contact form on one of our websites or by communicating with us by post, phone, email or otherwise.

4.2 Automated technologies or interactions: As you use our websites or services, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. Please see our Cookie Policy for further details.

4.3 Third parties: We may receive personal data about you from various third parties and public sources, these include:

5. Our Reasons for Processing Data

5.1 We will only use your personal data when legally permitted. The most common uses of your personal data are:

5.2 There are 6 legal bases for processing personal data (as permitted by the GDPR). To explore these terms in more detail please visit:

5.3 We may process Personal Data because it allows us to communicate with you manage our relationship with you. For instance, if you complete a contact form on one of our websites, then you can reasonably expect a response from us.

5.4 We may process Technical Data because it allows us to safeguard our services and technology. This is to ensure that you can receive help should there be a technical problem. Additionally, we need to ensure that the users of our services are genuine and not fraudulent. The purpose of this is for the protection and security of our business and your personal data.

5.5 We may process Usage Data to understand and analyse usage trends and preferences, to improve our services and develop new features and functionalities. All data will be anonymised or aggregated therefore it is not personal data.

6. Disclosures of Your Data

6.1 We will never intentionally disclose your personal data to outside of our company without your prior consent, with the exception of the third parties listed in this Privacy Policy (see section 4.3).

6.2 We require all third parties to whom we transfer your data, to respect the security of your personal data and to treat it in accordance with the law and under our direct instruction.

7. International Transfers of Your Data

7.1 Some of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

7.2 Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of data protection. We will only transfer your personal data to countries or services providers that adhere to good security practices when processing personal data. For instance, we may transfer data to a company based in the US, such as Google Analytics because they are part of the EU-US Privacy Shield, which requires them to provide a similar level of protection.

7.3 In the unlikely event that this is not the case, we will request your explicit consent or simply not transfer personal data at all. You will have the right to withdraw this consent at any time.

8. Data Retention

8.1 We will not keep your personal data for any longer than necessary.

8.2 We will retain your personal data as follows:

9. Data Erasure

9.1 Data subjects have a right to request the erasure of their personal data, as long as the original legal basis for processing the data, permits the data subject to do so. (See Section 10).

9.2 For access, amendment and erasure enquiries please contact

9.3 You will not have to pay a fee to access your personal data (or to exercise any of the other rights) providing that your request is not repetitive or excessive.

9.4 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to those whom have no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

9.5 We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month, if your request is particularly complex. In this case, we will notify you and keep you updated.

9.6 If you are not happy with any aspect of how we collect and use your data, please contact us.

Our full details are:

9.7 Additionally, if you are not satisfied with our handling of your request, you have the right to complain to the Information Commissioner’s Office (ICO).

10. Your Rights

10.1 Under certain circumstances, you have rights under the GDPR in relation to your personal data. These include the right to. You can see more about these rights at: If you wish to exercise any of the rights set out above, please email us at

10.3 Not all rights under the GDPR can be exercised; it is dependent on the lawful basis that was used to process the personal data in the first place. For more information see:

11. Cookies

11.1 We use cookies across our websites and services. For more information please see our Cookie Policy.

12. Data Security

12.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

12.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach, where we are legally required to do so.

13. Changes and Updates to this Policy

13.1 Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. We'll ensure that it is accessible and indicate the date of the latest revision. For significant changes (and if we hold a current email address) we will notify you by email.

Thank you for taking the time to read our Privacy Policy.

Creasis. Your partner in ideas.

Schwarzkopf Professional
Blond Me
BC Bonacure
Tom's Pies