Last updated and effective as of: September 20, 2019
What Personal Information Do We Collect and How Do We Collect It?
In general, we avoid collecting the Personal Information of users of our Website. The following are some of the types of Personal Information we gather and some of the ways we collect this Personal Information:
Information You Give to Us. We receive and store information that you enter on our Website, or send to us by email. We use the information that you provide for such purposes as responding to your inquiries, customizing your shopping experience, improving our e-store, and communicating with you. Further, if you register an account, make a purchase, join our newsletter, sign-up to receive emails, join our loyalty program, or interact in any way on our Website, we collect and store some of the information you may provide, such as your name, social media handle, email, telephone number, and address. You may also be asked for demographic information, such as your age, or other information, such as your product preferences, beauty needs, or location. To learn more about how you can control the information that we receive from you, see the “What are Your Choices Regarding How We Collect and Use Your Information” section below.
Information We Collect Electronically. We receive and store certain types of information when you interact with our Website. Such information includes the following:
Browsing Information. Like many other sites, we use “cookies” and we obtain certain types of information when your web browser accesses our Website and other content served by us, or on our behalf, on other websites. Cookies are data files placed on a web browser when you visit websites. They are sent to your device to personalize your experience on our Website as they enable us to recognize your device (i.e. mobile phone, laptop, etc.) and provide you personalized features on our Website and storage of items in places like your Shopping Cart between each visit. Other browsing information that we may obtain include the address of websites that referred you to our Website, the path you take through our Website, and other information about your session on our Website. To learn more about how you can control the browsing information that we collect electronically, see the “What are Your Choices Regarding How We Collect and Use Your Information” section below.
Device Information. We collect technical information when you visit our Website. This includes information such as Internet Protocol (IP) address, the type of device you use, your device operating system and browser type, and a unique device identifier.
Location Information. We may collect information about your location when your device is set to provide location information. To learn more about how you can control the location information that we collect electronically, see the “What are Your Choices Regarding How We Collect and Use Your Information” section below.
How Do We Use the Information We Collect?
We generally use the information that we collect in the following ways:
Do We Share or Disclose the Information We Collect?
We may share information as described below:
With Our Subsidiaries or Affiliated Businesses. We may disclose information we collect with our subsidiaries or affiliated businesses.
With Third-Party Service Providers. We employ other companies and individuals to perform functions on our behalf. Examples include hosting our Website, management of our e-store, fulfilling orders, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), processing credit card payments, and providing customer service. These third-parties may have access to Personal Information needed to perform these and other functions. These third-parties may not use your Personal Information that we collect for unauthorized purposes. We may share information with third-parties to provide you with product information, promotions, and other offers; to help maintain and operate our Website; or for other reasons related to our business. We may also share with third-parties non-identifying information, such as aggregate statistics or usage information. This does not include selling, renting, sharing, or disclosing Personal Information from our customers for commercial purposes.
With Law Enforcement and Others. We may release account and other Personal Information to comply with any court order, law, or legal process, including responding to any government or regulatory request. We may also release such information to enforce or apply our Conditions of Use and other agreements; or to protect the rights, property, or safety of the Company, other users of our Website, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. This does not include selling, renting, sharing, or disclosing Personal Information from our customers for commercial purposes.
With Your Consent. You may receive notice when information about you may go to third-parties, and you will have an opportunity to opt-out of our sharing the information.
How Secure is Your Personal Information Collected by Us?
We have technical and organizational measures in place that we believe are reasonable and that are intended to safeguard and protect your Personal Information against unauthorized access, accidental loss, improper use, and disclosure. For example, we currently use Shopify to operate this website, and Shopify uses Secure Sockets Layer (SSL) software which encrypts information you input.
However, you should be aware that information transmitted over the internet is not completely secure because of the nature of the internet and that systems and measures used to secure information are not flawless. For these reasons, although we will use reasonable efforts to protect your Personal Information, including those mentioned above, we do not warrant the security of Personal Information transmitted to us or stored by us. Personal Information that is transmitted to us by you electronically is done at your own risk.
What are Your Choices Regarding How We Collect and Use Your Information?
Can you choose not to provide your information on our website? You can choose not to provide your information to us, however, this information is generally required to make a purchase or to take advantage of certain features on our Website.
Can you control your information that we receive from Facebook or other social media accounts? In order to control the information that we receive about you from Facebook or other social media accounts, you must change your privacy settings within those accounts.
Can you control the information we collect electronically?
Browsing Information. If you want to control how cookies are added to your device, or remove them altogether, the “help” feature on most web browsers will tell you how to change your cookie settings and how to prevent your browser from accepting new cookies. In some cases your browser will show you how to receive a notification you when you receive a new cookie. Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on settings or visiting the website of your browser’s developer. If you choose to disable your browser from accepting cookies, you may not be able to use all of the features of our Website. For instance, if you block or otherwise reject our cookies, you will not be able to add items to your Shopping Cart, proceed to Checkout, or use any of our Website products that require you to Sign-in.
Location Information. If you want to control the location information we are able to collect, you may do so by the controls in your mobile device’s settings.
What information can you access that we collect about you?
By logging-in to your account you can update your account details, such as your address, and view your order history.
Can you add, update, or delete certain information on your account?
If you do not want to receive email or other mail from us, you can adjust your communication preferences within your account, or simply click the unsubscribe link in the footer of any email we sent you. For additional information regarding additions, updates, or deletions of certain information on your account for California residents and European Union residents and other GDPR data subjects see the sections entitled “Additional Notices to California Residents” and “Additional Notices to European Union Residents and Other GDPR Data Subjects” below.
Are Children Allowed to Use Our Website?
Our Website is not intended for use by children under the age of 13, or to sell products to children under the age of 13. Consistent with the Federal Children's Online Privacy Protection Act of 1998 (COPPA), we do not knowingly collect, use, or disclose Personal Information from anyone under the age of 13 without obtaining the required parental consent. If we determine upon collection that users are under this age, we will not use or maintain their Personal Information without their parent’s or guardian's consent. If we become aware that we have unknowingly collected Personal Information from a child under the age of 13, we will make reasonable efforts to remove this information from our database. If you are a parent or guardian and believe that we might have any information from or about a child under age 13, please contact us by one of the following methods: (i) by email at email@example.com, or (ii) by mail at 325 Kent Avenue, PH2M, Brooklyn, NY 11249. We will review the request and respond promptly.
We strongly recommend that minors 13 years of age or older ask their parents for permission before sending any information about themselves to anyone over the Internet and we encourage parents to teach their children about safe internet use practices.
Consent to Processing of Information in the USA
Our website is governed by, and operated in, and in accordance with the laws of the United States, and is intended for the use of residents of the United States. We make no representation that our Website is governed by or operated in accordance with the laws of any other country. Given that we ship our products internationally, use of your information involves the transmission of some data on an international basis. If you are located outside of the United States, information we collect may be transferred to and processed in the United States (including, but not limited to, credit card processing, your billing and shipping address, email, and phone number). By using our website, or providing us with any information, you: (i) acknowledge that our Website, firstname.lastname@example.org, is subject to the laws of the United States (ii) consent to the collection, processing, maintenance, and transfer of such information in and to the United States, and (iii) waive any claims that may arise under those laws.
If you have any concern about your privacy and our Website, please contact us with a thorough description, and we will try to resolve it.
Additional Notices to California Residents
California Do-Not-Track Disclosure. Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser do-not-track settings. At this time, our Website is not set up to honor web browser do-not-track settings.
Information on Marketing Disclosures. California Civil Code Section 1798.83 permits our users who are California residents to request and obtain from us once a year, free of charge, information about the Personal Information (if any) we disclosed to third-parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of Personal Information that was shared and the names and addresses of all third-parties with which we shared such information in the immediately preceding calendar year. To do so, please submit your request by one of the following methods: (i) by email at email@example.com, or (ii) by mail at 263 South 4th Street, PO Box 11004, Brooklyn, NY 11211. We will review the request and respond promptly.
Content Removal Requests for Users Under 18 Years Old. If you are a user under 18 years of age and reside in California, you may request and obtain removal of content or information that you have posted on our Website. To do so, please submit your request by one of the following methods: (i) by email at firstname.lastname@example.org or (ii) by mail at 263 South 4th Street, PO Box 11004, Brooklyn, NY 11211. We will review the request and respond promptly.
You should be aware that a request to remove content or information posted by you on our Website does not ensure or require complete or comprehensive removal of such content or information from our databases.
Additional Notices to European Union Residents and Other GDPR Data Subjects
Our Commitment. We embrace the approach to privacy protection reflected in the GDPR, giving our customers, vendors, and users a greater say in what happens with their data. Please contact us by one of the following methods: (i) by email at email@example.com or (ii) by mail at 263 South 4th Street, PO Box 11004, Brooklyn, NY 11211, if you have any questions about any matters related to our GDPR compliance.
Legal Bases for Processing Personal Information of European Union Citizens or Other GDPR Data Subjects. When processing your Personal information, we may rely on one or more of the following legal bases (or other available legal grounds), depending on the circumstances:
Legitimate Interest. We may process your Personal Information where we have a legitimate interest in such processing for managing, operating, or promoting our business, and where that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.
We may process your Personal Information where we have obtained your consent to such processing.
Contractual Necessity. We may process your Personal Information where such processing is necessary in connection with any contract that we have with you.
Legal Requirements. We may process your Personal Information where such processing is required by applicable law.
We may also disclose any information (including Personal Information) relating to you to law enforcement authorities or any regulatory or government authority in response to any request including requests in connection with the investigation of any suspected illegal activities.
Security of Personal Information of European Citizens or Other GDPR Data Subjects. We have technical and organizational measures in place that we believe are reasonable and that are intended to safeguard and protect your Personal Information against unauthorized access, accidental loss, improper use, and disclosure. For example, we currently use Shopify to operate this website, and Shopify uses Secure Sockets Layer (SSL) software which encrypts information you input.
However, you should be aware that information transmitted over the internet is not completely secure because of the nature of the internet and that systems and measures used to secure information are not flawless. For these reasons, although we will use reasonable efforts to protect your Personal Information, including those mentioned above, we do not warrant the security of Personal Information transmitted to us or stored by us, and Personal Information that is transmitted to us by you electronically is done at your own risk.
Retention of Personal Information of European Citizens or Other GDPR Data Subjects. Our policy is to retain your Personal Information only for as long as is necessary to fulfill the purposes for which we collected such Personal Information, including for the purposes of satisfying any professional, legal, accounting, or reporting requirements to which we are subject. To determine the appropriate retention period for Personal Information, we consider the scope, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of the Personal Information, the purposes for which we collected and processed your Personal Information and whether we can achieve those purposes through other means, and any applicable legal and professional requirements.
Your Rights as a European Resident or Other GDPR Data Subject. You have a number of rights concerning your Personal Information that we hold and use, including the following:
Right of Access. You have the right to be informed about what Personal Information we hold about you and to a copy of this personal data.
Right to Rectification. You have the right to have any inaccurate Personal Information which we hold about you updated or corrected.
Right to Obtain Copies. You have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.
Right to Erasure. In certain circumstances, you may request that we delete the Personal Information that we hold about you.
Right to Complain. You have the right to lodge a complaint regarding the processing of your Personal Information to an applicable governmental or supervisory authority in your country.
Right to Withdraw Consent. Where processing of Personal Information is based on your consent, you have the right to withdraw such consent at any time.
Right to Object. Where we rely on our legitimate interests to process your Personal Information, you have the right to object to such use and we are required to discontinue such processing unless we can demonstrate an overriding legitimate interest in such processing.
Right to Restriction. You have the right to request that we stop using your Personal Information in certain circumstances including if you believe that the personal data we hold about you is inaccurate or that our use of your Personal Information is unlawful. If you validly exercise this right, we will store your Personal Information and will not carry out any other processing until the issue is resolved.