Last Revised: Nov 28, 2019
Beauty Club Plus, Inc. (“we”, “our”, “us,” “Beauty Club Plus”) are committed to protecting and respecting your privacy. We are a corporation incorporated in California, United States with a registered office in Inglewood, and for the purpose of the General Data Protection Regulation (the “GDPR”), we are the data controller.
Information We Collect and Use
Information You Provide to Us: When registering as a user to the Services, we receive and store information you enter or provide to us, which may include, but is not limited to, your name, billing address, shipping address, email address, phone number, and for potential Beauty Club Plus members also gender, birthdate, and any other information you provide. When you submit or post information to the Services for public display, including personal data such as your name, photos, comments, reviews, and any other information you choose to post, we receive and store that public information.
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our Services, we may use your information to:
- Communicate with you;
- Contact you via telephone or email;
- Identify our users;
- Administer and provide our Services and customer support per your request;
- Personalize our Services for you;
- Improve and develop our Services;
- Analyze your eligibility for Beauty Club Plus per your request;
- Enforce the terms and conditions of our Services;
- If you have opted in to marketing, communicate with you about products, services, promotions, events and other news and information we think will be of interest to you; or
- Provide third parties with statistical and transactional information about our users (but those third parties will not be able to identify any individual user from that information).
Information Collected Automatically: When you use the Services, we automatically receive and record information on our server logs from your browser or mobile platform, including your location, URL, IP address, cookie information (described in more detail below), the page you requested, use information regarding your use of the Services, browser information, and any other data that is tied to such information.
As it is in our legitimate interests to process your data to provide effective services and useful content to you we collect this data in order to:
- Personalize our Services to ensure content from our Services is presented in the most effective manner for you and your device;
- Monitor and analyze trends, usage and activity in connection with our Services and services to improve our Services;
- Monitor customer transaction frequency, products bought, viewed and favorited to personalize and improve content for our customers;
- Administer our Services, including the website, and for internal operations, in order to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis;
- Keep our Services safe and secure; and
- Measure and understand the effectiveness of the content we serve to you and others.
Payment and shipping information: When you purchase a product from our Services, we collect your name, billing address, email address, and payment card information in order to process your payment. We also collect your shipping address and contact details in order to ship the product to you. We process this data to perform our contract with you.
Friends and Contacts Information: You may choose to provide us with another person’s e-mail address or social network profile information so we can invite that person to create an account on the Services and become your friend. We use this information to contact and, if necessary, remind that person about the invitation. By providing us with another person’s e-mail address, you represent to us that you have obtained the consent of the person concerned with respect to such disclosure to us of their personal information. We may disclose such information if required to do so in order to comply with legal process, as described below.
How We share Information About you
We do not sell, rent or lease your personal information to others. In order to compliment, improve and extend the services we offer, we share your information with the following categories of service providers:
- IT service providers, who we use to provision, maintain and improve our Services, including, providing customer service, our email services, to process our customer relationship management information and to conduct software development works in building the components of our Services;
- Payment services providers, who we use to process your payments when you order products from our Services;
- Software development partners, who we use to build, maintain, manage, and improve the systems that support our Services;
- Web Analytics service providers, who we use to collect and process certain analytics data which helps us understand how you engage with our Services;
- Customer segmentation and personalization services providers, who we use to process and receive transactional and behavioral data about users of our Services in order to provide more personalized experiences for you while using our Services;
- Delivery services providers for our domestic and international customers, who we use to deliver our products to you; and
- Third-party advertisers, who we use to process about you and other users of our Services to serve advertisements about goods and services of interest to you when you visit our Services.
Most of our third-party vendors are located in the United States but may process your personal data globally. Please see “Where do we store your information” for more information.
We will share your information with law enforcement agencies, public authorities or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
- Comply with a legal obligation, process or request;
- Enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
- Detect, prevent or otherwise address security, fraud or technical issues; or
- Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).
We will also disclose your information to third parties:
- In the event that we sell any business or assets, in which case we will disclose your data to the prospective buyer of such business or assets; or
- If we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.
Cookies and Similar Technologies
The types of cookies we use can be broken down as follows:
- Strictly necessary cookies. These are cookies that are required for the operation of our Services, including our website. They include, for example, cookies that enable you to use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. These types of cookies allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using our Services. This assists us in improving the way our Services work, for example, by ensuring that you are finding what you are looking for easily.
- Functionality cookies. These are used to recognize you when you return to our website. They allow us to personalize content, recognize users and remember user preferences.
- Targeting cookies. These cookies record a user's visit to a website, the individual pages visited and the links followed. This type of cookies also tracks your movements across different websites and creates profiles of your general online behavior. Information collected by tracking cookies is used to serve you with targeted online advertising.
Certain cookies we use are ‘session’ cookies, while others are ‘persistent, as described below:
- Session cookies. These are cookies that expire at the end of a browser session, which is when you exit the browser. They allow us to link your actions during a single browser session to allow you to use the website most efficiently.
- Persistent Cookies. In contrast to session cookies, persistent cookies are stored on your equipment between browsing sessions. They therefore enable us to “recognize” you when you return to use our Services, including our website.
We use the following cookies on our website:
We use Google Analytics, which is a web analytics tool that helps us understand how users engage with the website. Like many services, Google Analytics uses first-party cookies to track user interactions, as in our case, where they are used to collect information about how users use our site. This information is used to compile reports and to help us improve our Services, including our website. The reports disclose website trends without identifying individual visitors.
You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
We use Criteo to place third-party cookies to serve advertising. Ads appearing on other websites may be delivered to users by our advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile information about you or others who use your computer. This information allows us to, among other things, deliver targeted advertisements of the products you viewed or similar products available from us that we believe will be of most interest to you.
Most browsers have an option for disabling the cookie feature, which will prevent your browser from accepting cookies, as well as (depending on your browser software) allow you to decide on acceptance of cookies in a variety of ways. You can find more information about cookies and how to manage them at http://www.allaboutcookies.org/.
Where do we store your information: The information that we collect from you will be transferred to and stored at/processed in the United States by us or our third-party vendors (see “How we share information about you”). The people processing your personal data are engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.
For our customers located in the EEA, we must inform you that your data is being processed outside of the EEA. As we are a US based company, we require the transfer of your personal data to the US in order for us to provide you with our Services. By using our Services, you consent to this use of your data. If you do not consent to the transfer of your data outside of the EEA, please stop using our Services. If you order products from our website, we will need to transfer your data outside of the EEA in order to fulfil your order and meet our contractual obligations to you.
How long do we store your information: We will retain your information as follows:
We retain the information we collect from and about you for as long as necessary. We may retain certain information for legitimate business purposes or as required by law.
Your access to the Services is password protected for your privacy and security. You can help prevent unauthorized access to your personal data on the Services by selecting and protecting your password, and limiting access to your computer, phone and browser such as signing off after you have finished accessing the Services. We have security measures in place to protect your personal data. However, we cannot guarantee the security of your personal data. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of your personal data at any time.
Privacy Practices of Third Parties and Third-Party Sites
EU Privacy rights
Right to access and deletion: You have the right to ask us to access the personal data we hold about you and be provided with certain information about how we use your personal data and who we share it with. You also have the right to ask us to correct your personal data where it is inaccurate or incomplete.
In certain circumstances, you have the right to ask us to delete the personal data we hold about you:
- Where you believe that it is no longer necessary for us to hold your personal data;
- Where we are processing your personal data on the basis of legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
- Where you have provided your personal data to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal data; or
- Where you believe the personal data we hold about you is being unlawfully processed by us.
In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal data:
- Where you believe the personal data we hold about you is inaccurate and while we verify accuracy;
- Where we want to erase your personal data as the processing is unlawful but you want us to continue to store it;
- Where we no longer need your personal data for the purposes of our processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
- Where you have objected to us processing your personal data based on our legitimate interests and we are considering your objection.
In addition, you can object to our processing of your personal data based on our legitimate interests and we will no longer process your personal data unless we can demonstrate an overriding legitimate ground.
In addition, you have the right to complain to your data protection supervisory authority.
Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals or Company trade secrets or intellectual property, where there are overriding public interest reasons or where we are required by law to retain your personal data.
Right to withdraw consent: Where you have provided your consent for us to process your personal data, you can withdraw your consent at any time by emailing us at the contact information below.
Objection to Marketing: At any time you have the right to object to our processing of data about you in order to send you promotions and special offers, including by emailing us at the contact information below, clicking “unsubscribe” on a marketing email, or replying STOP to a text message. You may receive a small number of further communications immediately after unsubscribing but we will implement your request as quickly as possible.
Complaints: In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at the contact information below and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with your relevant data protection supervisory authority.
California privacy rights
California residents that have an established business relationship with us can request a notice disclosing the categories of personal data we have shared with third parties during the preceding calendar year for the third parties’ direct marketing purposes. To make such a request from us, if entitled, please use the contact information listed below.
If you are under 18 years of age and a California resident using the Services, at any time you can request that we delete information or remove content you have provided or posted. Please contact us at the information below for our assistance, including to request removal of your information or content. Note that the removal of information or content may not ensure complete or comprehensive removal of that information or content posted through the Services.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and Services that you do not wish such operators to track certain of your online activities over time and/or across different websites. Beauty Club Plus does not support Do Not Track requests at this time.
Our Services are not directed to children under the age of 13, nor do we knowingly collect any personal data from such children. If you believe that a child has provided personal data to us, please promptly contact us using the contact information detailed below, and we will endeavor to investigate and delete such personal data from our systems.
Control of Personal Data
To the extent you include personal data in your public content (such as a photo of yourself), third parties may be able to identify you, associate you with your account, and contact you. Please do not include information in your public content that you expect to keep private.
Third parties can also associate you with your account using the user search and browse features of the Services, which display your public content.
Terminating your account
Upon your request, we will use commercially reasonable efforts to close your account, and cease displaying your public content on the Services; nevertheless, we may still retain your personal data and your public content in our systems. Registered users who wish to close their account should contact us.
If you have any questions or concerns regarding privacy using the Services, please send a detailed message to: firstname.lastname@example.org.