This Privacy Notice sets out the details of how Anna Khanna Ltd (“we”, “us”, “our”) as data controller, collects and processes your personal data through your use of our website located at www.annakhanna.com, or our other online platforms and/or social media channels which, for the purposes of this privacy notice, shall be collectively referred to as ("the Website") or which you provide to us directly.

For the purposes of this Privacy Notice, personal data shall mean any information that can be used to identify an individual whether directly or indirectly (“Personal Data”) as defined by the UK GDPR and the Data Protection Act 2018.

Please read through the content of this Privacy Notice carefully and ensure that you understand it. If you do not understand the content of this Privacy Notice or do not accept or agree with any terms then you must stop using the Website and/ or accessing our online platforms, social media groups or pages immediately. If you have already provided us with any Personal Data then please contact us immediately using the contact details below.

By accessing the Website and providing us with your Personal Data you are warranting that you are over 18 years of age.

If you have any questions about this Privacy Notice or require more information concerning our privacy and data protection practices please contact us at hello@annakhanna.com.

How we collect and process your Personal Data

We may collect and process Personal Data that you provide to us when subscribing to our newsletter or email list, requesting information through a contact form, signing up for a free service or purchasing from our website or by any other communication between us via email, whatsapp or through our Website.

We may also collect and process your personal data through the use of cookies or other tracking software on our Website.

We may also collect and process Personal Data received from third parties as detailed further below.

We do not carry out automated decision making or any type of automated profiling.

Our grounds for collecting and processing your Personal Data

When we collect and process your Personal Data, we will comply with the relevant data protection laws and principles such as the UK General Data Protection Regulation (“UK GDPR”) and the EU General Data Protection (“EU GDPR”) and the Data Protection Act 2018 which means that your data will be used lawfully, fairly and in a transparent way and kept securely and only for as long as necessary for the purposes we have told you about. 

When we collect and process your Personal Data, we do so on the basis of a lawful condition which will be because you have given your consent for us to process your data, we have legal permission to do so, we are under a contractual or legal obligation, or it is in our legitimate interests to do so. We confirm that we shall only collect and process your Personal Data for purposes that are clearly outlined prior to you providing us with your data, or for a legitimate reason.

The types of Personal Data we collect and process

The types of Personal Data which we process will vary depending on your own specific circumstances and the nature of our relationship with you, but typically may include:

Personal and Contact Information: this may include your name, date of birth, email address, phone number, business contact details, correspondence address, IP address and any messages or communications that you may provide to us through our Website. We shall process this data for the purposes of communicating with you and for record keeping on the lawful grounds of legitimate interest;

Customer or Client Information: where you purchase goods and/or services from us then we may process Personal Data in connection with your purchase and the supply of that purchase, as well as keeping appropriate records. Such information may include your personal Information, billing address, delivery address, credit card or other payment details and we shall process this Personal Data on contractual grounds;

Website User Information: this may include comments or statements that you may make or post via the Website, our online platforms or social media channels, images, documents or videos that you share on or through our Website or through any of our pages or other online platforms and information concerning your use of our Website or other online platforms such as your browser information, pixel ID, page views, pages visited, number of visits and where appropriate log-in details. We shall process this information to help us analyse and monitor usage and content of our Website and our other platforms and channels to ensure that the content is relevant, to support our administration and record keeping requirements and to maintain security of our systems on legitimate interest grounds;

Promotional Information: this may be information that you provide in connection with any promotions, marketing or advertising from us or our third parties. We shall use this information to provide relevant offers and advertisements, competitions and promotions and other free resources to you and to monitor our promotional activity, keep records and compile analytics on legitimate interest grounds.


Use of Personal Data for marketing purposes

In accordance with the Privacy and Electronic Communications Regulations (PECR) we may also send you relevant advertisements or marketing information if you:

have ever purchased or enquired about our products or services; and
at the time of your purchase or enquiry you agreed to receive advertising or marketing information from us and you have not opted out from receiving that information.
Where we contact you through email, we shall ensure that our emails clearly display our location and include clear options for you to opt-out from receiving further contact from us in accordance with the CAN-SPAM Act.


You can opt out of receiving any communications from us at any time by using the opt-out links in the communications you receive or by notifying us in writing by email to hello@annakhanna.com.

Please note that opting out of communications will not prevent us from contacting you where we are required to do so in order to provide you with products or services that you have requested or purchased.

We will never share your Personal Data with any third party for their own marketing purposes without your express consent.

Special Category Personal Data

We do not collect any special category Personal Data. Special category data includes Personal Data relating to your health, race or ethnicity, political opinion, religious or philosophical beliefs, trade union membership, genetics, biometrics, sex life or sexual orientation. We do not process any Personal Data relating to criminal offences and convictions.

Disclosure of Personal Data to third parties

We may use any of the following external service providers to support our business and may share your Personal Data with them.

Infusionsoft;
Dubsado;
Kajabi;
Active Campaign;
Mailchimp;
Facebook;
Google;
Paypal;
Stripe;
Zoom;
Dropbox;
Whatsapp;
Thinkific;
Teachable.

We understand that all of these third parties have appropriate technical and security processes in place to protect your Personal Data. If you have any queries concerning how any of these third parties process your Personal Data, we recommend that you review their individual privacy notices which are available on their respective websites.

We may also share your Personal Data as follows:

where it is necessary for external service providers who we have contracted with to provide us with services in connection with our business activities;
where it is required by our IT support or administration support teams;
where it is required by our accountants, lawyers or other professional advisors;

where we are required by a government body or legal obligation or to protect our rights;
where it is required in connection with the sale or purchase of any part of our business or assets;
 
Where we have contracted with an external service provider to provide us with a function or service, we will only disclose such Personal Data that the service provider needs to undertake that function or service and we require that all external service providers agree to keep your Personal Data secure in accordance with the relevant Data Protection legislation.

Transfer of Personal Data

We may transfer your Personal Data to our third-party service providers who are based outside of the UK. Where your Personal Data is transferred outside of the UK by our third-party service providers, we understand that one or more of the following safeguards relating to the security of your Personal Data apply:

the relevant UK regulatory authorities have approved the transfer of data to the country where the service provider is based; or
an adequate level of protection is in place in the country where the service provider is based; or
we have specific contracts in place that ensure a level of data protection comparable with the UK GDPR; or
where the service provider is based in the US, a privacy framework approved by the relevant UK regulator is in place.
Where the above standards do not apply then we will only transfer your Personal Data outside of the UK where one of the following conditions is met: 

you have given your express consent; or
the transfer is legally required.

Data security

We take the protection of your Personal Data seriously and have taken suitable and reasonable steps to protect the Personal Data we hold from misuse, loss, unauthorised access, and any modification or disclosure. 

We limit access to your Personal Data to only those employees, agents, contractor or third parties that we engage that have a business need to access your Personal Data. We confirm that they will only process your Personal Data on our instructions and must agree to keep it safe and confidential.
If you are submitting any Personal Data over the internet that you wish to remain private, please note that whilst attempts are made to secure information transmitted to our Website, there are inherent risks involved in transmitting information across the internet. If you would prefer to provide us with your Personal Data through alternative means then you can contact us using the details below to arrange this. 

Data retention

We agree not to keep your Personal Data for longer than we require having regard to the purposes for which we have collected it, including any legal or record keeping requirements. Where your.

Personal Data is no longer required, we agree to take reasonable steps to destroy or permanently de-identify your Personal Data.

Your rights in relation to the Personal Data we hold 

You have rights under the relevant data protection legislation in relation to your Personal Data. These include the right to be informed about our collection and processing of your Personal Data, you right to access and receive a copy of any of your Personal Data we hold, to ask us to correct any errors, to erase or delete your Personal Data and to restrict or object to how your Personal Data is processed. Should you wish to exercise any of your rights then please contact us by emailing using the details below. 

You will not be charged a fee to access your Personal Data but we reserve our rights to charge a fee where we consider, in our reasonable opinion, that any request you make is unfounded or excessive. We aim to respond to all legitimate requests within one month.

You can find out more about your rights by visiting https://ico.org.uk/your-data-matters/

To ensure the information we hold about you remains accurate please contact us by email using the details below if at any time your personal information changes.

Where you have provided your consent for us to process your Personal Data you can withdraw that consent at any time. Should you wish to do so please contact us by email using the email address below. 

Contact Details

The Website is owned by Anna Khanna Ltd. Our contact email address is : hello@annakhanna.com.

Complaints or concerns

If you have any concerns regarding the use of your Personal Data then please contact us by using the email address referred to above and allow us the time to investigate and resolve your complaint or concern.

If you are based in the UK you also have the right to lodge a complaint with the Information Commissioners Office (ICO), the UK supervisory authority for data protection issues but we would ask that you contact us first and allow us the opportunity to resolve your complaint before contacting the ICO.

If you are not based in the UK then you can pursue a complaint to the relevant regulatory authority in your territory but we would ask that you contact us first and allow us the opportunity to resolve your complaint before contacting them.

Links to other sites

The Website may contain links to other sites. We are not responsible for the privacy practices of those websites and have no knowledge of whether cookies or other tracking devices are used on any such linked sites. If you have any concerns regarding the privacy of your information you should ensure you review the privacy policies of those sites before disclosing any of your personal information.

Changes to this Privacy Notice

We reserve the right to alter or amend this Privacy Notice without any prior notice to you. Should our Privacy Notice be altered, the new Privacy Notice will be posted on the Website.

Your first use of our Website after the date of any amendments or alterations to this Privacy Notice will constitute your acceptance of such changes, therefore we recommend you review this Privacy Notice regularly to keep informed of any changes.

Privacy Policy