Privacy Policy
OVERVIEW
This website, www.ourgoodlab.com (“site”, “website”), is operated by Our Good Lab Pte. Ltd. Throughout the site, the terms “we”, “us” and “our” refer to Our Good Lab Pte. Ltd., through our brand name Our Good Lab.
This Privacy Policy (“Policy”) describes in more detail how we may collect, use, disclose or otherwise process your personal data (defined below) when you visit or make a purchase from the site and/or use any of the services operated by or products sold by us (collectively, “services”).
By visiting the site and/or purchasing or using our services, you signify that you have read and understood this Policy. Where this is required under applicable law, you provide your consent to us collecting, using, processing and disclosing your personal data in accordance with this Policy. Where we rely on your consent, you may withdraw this consent at any time. More information about your rights, and how to exercise them, is set out below in the “Your rights” section below.
COLLECTION OF PERSONAL DATA
When you visit the site, we collect certain information about your device, your interaction with the site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. If you email or contact us via our enquiries email, our “Contact Us” page or otherwise, we will respond and store your email address and information associated with your request whether it be for a career opportunity or a business relationship.
In this Policy, we refer to any data, whether true or not, that can uniquely identify an individual from that data or from that data and other data that we have or are likely to have (including the data below) as “personal data”. See the list below for more information about what personal data we collect and why. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
Device information
-
Examples of personal data collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, usage and technical information and how you interact with the site.
-
Purpose of collection: to load the site accurately for you, perform analytics on site usage to optimize our site, monitor and improve our site, products and services, and personalize our site and services for you.
-
Source of collection: collected automatically when you access our site using cookies, log files, web beacons, tags, or pixels.
-
Disclosure for a business purpose: shared with our processor Shopify and other third party apps and vendors that we may work with at any point in time.
Order and account information
-
Examples of personal data collected: name, username, password, billing address, shipping address, payment information (including credit card numbers, email address, and phone number when you transact with us or subscribe to our services, as required to fulfill your order), and marketing preferences.
-
Purpose of collection: to verify your identity, provide products or services to you to fulfill our contract, perform our obligations in connection therewith, process your payment information to take payment, arrange for shipping, provide you with invoices and/or order confirmations, communicate with you, manage your relationship with us, personalize our site and services for you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, and provide you with information or advertising relating to our products, services, promotions, rewards and events). For example, if you add your email address to our subscription list, we will send you our newsletters and/or content emails at periodic intervals.
-
Source of collection: provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us.
-
Disclosure for a business purpose: shared with our processor Shopify and any other third party apps and vendors that we may work with at any point in time.
Customer support information
-
Examples of personal data collected: see above, and depending on the nature of the interaction with us, photographs and other audio-visual information, information related to your social media profile when you interact with us on social media platforms such as Facebook, LinkedIn, Instagram and TikTok.
-
Purpose of collection: to provide customer support, verify your identity, manage your relationship with us, respond, handle, and process queries, requests, applications, complaints, and feedback from you, personalize our services for you, provide you with information or advertising relating to our products, or services, promotions, rewards and events, and communicate with you via social media (as applicable).
-
Source of collection: provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us.
-
Disclosure for a business purpose: shared with our processor Shopify and any other third party apps and vendors that we may work with at any point in time.
We may also process personal data for any incidental business purposes related to or in connection with the above, to enforce our Terms & Conditions, for legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation), or for any purposes which are required by law.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
MINORS
The site is not intended for individuals under the age of 18. We do not intentionally collect personal data from children. If you are the parent or guardian and believe your child has provided us with personal data, please contact us at the email address below to request deletion.
USE OF PERSONAL DATA
In addition to the purposes listed above, we use your personal data to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.
Legal bases
We process your personal data under the one or more of the following legal bases:
-
Your consent;
-
The performance of the contract between you and us;
-
Compliance with our legal obligations;
-
To protect your vital interests;
-
To perform a task carried out in the public interest; and/or
-
For our legitimate interests, which do not override your fundamental rights and freedoms. Where we carry out data processing on the basis of our legitimate interests, you can obtain information on our balancing tests by contacting us at the details set out below.
SHARING OF PERSONAL DATA
We may share your personal data with service providers, agents and other organizations we have engaged to help us provide our services, perform any of the functions above and fulfill our contracts with you, as described above. For example:
-
We use Shopify to power our online store. You can read more about how Shopify uses your personal data here: https://www.shopify.com/legal/privacy.
-
We may share your personal data to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s advisers and will be passed to the new owners of the business.
Where your use of the site is concerned, you acknowledge and accept that certain functions, when activated or used by you, will operate to send or display information about yourself, including but not limited to, your personal data to certain third parties, and you agree to the sharing of such information with these third parties. You acknowledge and agree that we shall not be held responsible or accountable for any loss, injury or damage sustained by you for sharing the aforesaid information arising out of your activation or use of such features on the site.
Transferring personal data outside of Singapore
Some of our service providers, agents and other organizations are located outside of Singapore. Therefore, where required to perform our contract with you or for our wider business purposes, the information we hold about you may be transferred to, and stored at, a destination in Singapore, Indonesia, Philippines and/or the United States. Where personal data is transferred outside of Singapore, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the Singapore Personal Data Protection Act (“PDPA”).
PROTECTION OF PERSONAL DATA
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
ACCURACY OF PERSONAL DATA
We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing us in writing via email at the contact details provided below.
RETENTION OF PERSONAL DATA
We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes. For example, where we process user registration data, we do this for as long as you are an active user of our services and for six (6) years after this.
YOUR RIGHTS
Subject to applicable laws, you may have rights in relation to your personal data. Such rights include the right to ask us for a copy of your personal data, to correct your personal data, and to withdraw your consent or object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are set out under applicable law, including the PDPA. We will inform you of relevant exemptions we rely upon when responding to any request you make.
Withdrawing consent
The consent that you provide for the collection, use, disclosure and processing of your personal data will remain valid until such time it is being withdrawn by you in writing, although we may have other legal grounds (where recognized under applicable law) for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where it is an electronic message, or by contacting us at the email address below.
You may withdraw your consent and request us to stop using and/or disclosing your personal data by submitting your request in writing or via the email address provided below. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us at the email address below.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws. We may also keep a record of the fact that you have asked us not to send you direct marketing indefinitely so that we can respect your request in future.
Access and correction
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing via email at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Unresolved concerns
We hope that we can satisfy any queries you may have about the way we process your personal data. If you are not satisfied with our response or have unresolved concerns, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here: https://www.pdpc.gov.sg/Complaints-and-Reviews/Report-a-Personal-Data-Protection-Concern/Personal-Data-Protection-Complaint.
Automatic decision-making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
-
Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
-
Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.
BEHAVIOURAL ADVERTISING
As described above, we may use your personal data to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
-
We use Google Analytics to help us understand how our customers use the site. You can read more about how Google uses your personal data here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
-
We share information about your use of the site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s educational page at: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
-
FACEBOOK - https://www.facebook.com/settings/?tab=ads
-
BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
COOKIES
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
We use the following cookies to optimize your experience on our site and to provide our services.
Cookies necessary for the functioning of the store
|
Name |
Function |
|
_ab |
Used in connection with access to admin. |
|
_secure_session_id |
Used in connection with navigation through a storefront. |
|
cart |
Used in connection with shopping cart. |
|
cart_sig |
Used in connection with checkout. |
|
cart_ts |
Used in connection with checkout. |
|
checkout_token |
Used in connection with checkout. |
|
secret |
Used in connection with checkout. |
|
secure_customer_sig |
Used in connection with customer login. |
|
storefront_digest |
Used in connection with customer login. |
|
_shopify_u |
Used to facilitate updating customer account information. |
Reporting and analytics
|
Name |
Function |
|
_tracking_consent |
Tracking preferences. |
|
_landing_page |
Track landing pages |
|
_orig_referrer |
Track landing pages |
|
_s |
Shopify analytics. |
|
_shopify_fs |
Shopify analytics. |
|
_shopify_s |
Shopify analytics. |
|
_shopify_sa_p |
Shopify analytics relating to marketing & referrals. |
|
_shopify_sa_t |
Shopify analytics relating to marketing & referrals. |
|
_shopify_y |
Shopify analytics. |
|
_y |
Shopify analytics. |
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between thirty (30) minutes and two (2) years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible, personalized or accessed as quickly or efficiently.
Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. More information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.
Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.
Do not track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
EXTERNAL WEBSITES
The site may contain links to external websites. We make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked to, or to any goods and services available from, such websites. The material is only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the material and any opinion expressed in the material should not be taken as our endorsement, recommendation or opinion. This Policy does not extend to your use of such external websites. You are advised to read the privacy policy or statement of such external websites before using them.
EFFECT OF POLICY AND POLICY CHANGES
This Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us. We may update this Policy by uploading a revised version onto our website from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons. Unless otherwise stated, the change will apply from the date set out in the revised policy. You are responsible for ensuring you are familiar with the latest policy, and we encourage you to review this web page regularly to stay informed. By continuing to access our site and/or purchase or use our services from the date of the revised policy, you agree to be bound by the revised policy. This Policy was last updated on the date shown at the bottom of this web page.
CONTACT INFORMATION
If you have any concerns about how we process your data, any enquiries or feedback about our privacy practices or would like to opt out of direct marketing, you can get in touch with us via email at hello@ourgoodlab.com.
Last updated: 22 March 2024