Information we collect
Information you provide to us
We collect the personal information you provide to us when you purchase our products or visit our website. The categories of information we may collect include:
- Personal Identifiers, including name, email address, postal address, and telephone number
- Commercial and Financial Information, including purchases and credit card or debit card number
- Physical and Audio Data, including physical characteristics or descriptions and audio information
- Characteristics of Protected Classifications, including age and sex or gender
- Medical, including medical information
- Inferences, including inferences created from other personal information collected
We collect the personal information you provide to us when you Visit the SPA and received facial treatments . The categories of information we may collect include:
- Personal Identifiers, including name, email address, and telephone number
- Medical, including medical information
To the extent we process deidentified personal information, we will make no attempt to reidentify such data.
Information collected automatically
We automatically collect internet or other electronic information about you when you visit our website, such as IP address, browsing history and interactions with our website. This data may be collected using browser cookies and other tracking technologies.
Browser Cookies. We use cookies to create a better experience for you on our site. For example, cookies prevent you from having to login repeatedly, and they help us remember items you've added to your cart. We also use third-party cookies, which are cookies placed by third parties for advertising and analytics purposes. You can control these cookies through your browser settings.
Opt-Out Preference Signals. Your browser settings may allow you to automatically transmit an opt-out preference signal, such as the Global Privacy Control (GPC) signal, to online services you visit. When we detect such signal, we place a U.S. Privacy String setting in your browser so that any third party who respects that signal will not track your activity on our website. Your request to opt-out of sale/sharing will be linked to your browser identifier only and not linked to any account information because the connection between your browser and the account is not known to us. GPC is supported by certain internet browsers or as a browser extension. Find out how to enable GPC..
Information from other sources
We may collect personal information about you from third-party sources, including Other consumers (e.g., referrals) and Retail Partners.
Other consumers (e.g., referrals)
- Personal Identifiers, including Name, Email address, Postal address, and Telephone number
- Online Identifiers
- Physical and Audio Data, including Physical characteristics or descriptions
- Characteristics of Protected Classifications, including Age and Sex or gender
- Inferences, including Inferences created from other personal information collected
Retail Partners
- Personal Identifiers, including Name, Email address, Postal address, and Telephone number
- Commercial and Financial Information, including Purchases
How long we keep your data
We do not retain data for any longer than is necessary for the purposes described in this Policy.
We generally retain data according to the guidelines below.| Type of Data | Retention Period |
|---|---|
| Cookies and online data we collect while you use our website, including Online Identifiers | We delete or anonymize data concerning your use of our website within 7 years of collecting it. |
| Data we collect in order to process and ship orders you place with us, including Name, Email address, Postal address, Telephone number, Credit card or debit card number, Audio information, Inferences created from other personal information collected | We keep personal information related to products and services you purchase for as long as the personal data is required for us to fulfill our contract with you, and for 7 years from your last purchase with us. We may keep data beyond this period in anonymized form. |
| Data we collect when you contact us for customer support and other inquiries, including Name, Email address, Postal address, Telephone number, Purchases, Credit card or debit card number, Physical characteristics or descriptions, Audio information, Age, Sex or gender, Medical information, Inferences created from other personal information collected | We keep customer feedback and correspondence with our customer service for up to 2 years to help us respond to any questions or complaints. We may keep data beyond this period in anonymized form. |
| Data we collect when you sign up for promotional and marketing communications, including Name, Email address, Telephone number, Purchases | Where you have signed up to receive promotional and marketing communications from us, we will retain any data collected until you opt out or request its deletion. We may keep data beyond this period in anonymized form. We will further retain a record of any opt-outs in order to prevent sending you future communications. |
| Data we collect when you review our products, answer surveys, or send feedback, including Name, Email address, Telephone number | We retain review, survey, and feedback data for up to 7 years following your last contact with us. We may keep data beyond this period in anonymized form to help improve our products and services. |
| Data we collect in connection with privacy requests, including Name, Email address, Online Identifiers | We retain records related to privacy requests for a minimum of 24 months following the completion of the request. |
| Data we collect for security purposes, including Internet Activity, Inferences created from other personal information collected | We retain security-related data as long as necessary to comply with our legal obligations and to maintain and improve our information security measures. |
Purposes of Processing
We process personal information for the following purposes:
- Conducting Surveys
- Creating Customer Profiles
- Delivering Targeted Ads
- Fulfilling Customer Orders
- Improving our Products & Services
How we disclose information
Information Disclosed for Business or Commercial Purposes in the Last 12 Months, and Categories of Parties Disclosed To
We may disclose the following personal information about you when you purchase our products or visit our website:
| Personal Information Category | Categories of Service Providers | Categories of Third Parties |
|---|---|---|
| Personal Identifiers | Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Governance, Risk & Compliance Software, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks and Sales & Marketing Tools |
| Online Identifiers | Ad Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, Governance, Risk & Compliance Software, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, Payment Processors, and Sales & Marketing Tools |
| Internet Activity | Ad Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, Payment Processors, and Sales & Marketing Tools |
| Commercial and Financial Information | Ad Networks, Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, Payment Processors, and Sales & Marketing Tools |
| Physical and Audio Data | IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Sales & Marketing Tools |
| Characteristics of Protected Classifications | Business Operations Tool, Collaboration & Productivity Tools, Commerce Software Tools, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, and Sales & Marketing Tools |
| Medical | None | None |
| Inferences | Business Operations Tool, Cloud Computing & Storage Providers, Collaboration & Productivity Tools, Commerce Software Tools, IT Infrastructure Services, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, and Sales & Marketing Tools |
We may disclose the following personal information about you when you Visit the SPA and received facial treatments :
| Personal Information Category | Categories of Service Providers | Categories of Third Parties |
|---|---|---|
| Personal Identifiers | None | None |
| Medical | None | None |
Representative Information
If you are located in the EEA or the United Kingdom and have questions about your personal data or would like to request to access, update or delete it, you may contact our representative at:
Bird & bird GDPR Representative Services SRL
Avenue Louise 235
1050 Bruxelles
Belgium
moc.sdribowt@yeliRyadnuS.evitatneserperUE
Key contact: Vincent Rezzouk-Hammachi
Bird & Bird GDPR Representative Services UK
12 New fetter Lane
London
EC4A 1JP
United Kingdom
moc.sdribowt@yeliRyadnuS.evitatneserperKU
Key contact: Vincent Rezzouk-Hammachi”
EEA/UK Privacy Notice (GDPR)
This section provides additional information for people in the European Economic Area (EEA) or United Kingdom (UK). The terms used in this section have the same meaning as in the General Data Protection Regulation and the UK Data Protection Act (GDPR). The term “personal information” as used in this notice has the same meaning as “personal data” in the GDPR.
Collection and Disclosure of Personal Data
The personal data we collect is described above in Information we collect. The personal data we disclose for business or commercial purposes is described above in How we disclose information. The length of time for which we retain personal data is described above in How long we keep your data. Our purposes for processing data are described above in Purposes of processing.
We may disclose your personal information to the following third party controllers for business purposes: Wave, Vested, Pinterest Ads, Instagram Ads, Officevibe, Concord, Apple Pay, PayPal - Pay with PayPal, Venmo, Pay Later, CJ, Forter, TravelBank, Dyno Mapper, Mazars, Expensify. To understand how these parties handle your data, please refer to their respective privacy policies.
Cookie Notice
We use cookies to improve your experience on our site and to allow us and third parties to personalize the marketing content you see on other websites and social media. Manage your cookie consent here.
Essential Cookies
We use these cookies for things like security, logins, site errors, and processing payments. We can't turn these necessary cookies off, but you can control them in your browser.
| Cookie Name | Provider | Duration |
|---|---|---|
| __cfruid | Chadwick Horn | Session |
| cart_currency | Shopify | 14 Days |
| keep_alive | Shopify | 31 Mins |
| localization | Chadwick Horn | 1 Year |
| secure_customer_sig | Shopify | 1 Year |
| shopify_pay_redirect | Shopify | 1 Hour |
| VISITOR_INFO1_LIVE | Chadwick Horn | 5 Months 27 Days |
| YSC | Chadwick Horn | Session |
Analytics Cookies
These cookies tell us how you use our sites and apps, and provide information to help us improve your experience.
| Cookie Name | Provider | Duration |
|---|---|---|
| _ga | Google Analytics | 1 Year 28 Days |
| _gat | Google Analytics | 2 Mins |
| _gid | Google Analytics | 1 Day |
| _landing_page | Shopify | 14 Days |
| _orig_referrer | Shopify | 14 Days |
| _s | Shopify | 31 Mins |
| _shopify_s | Shopify | 31 Mins |
| _shopify_sa_p | Shopify | 31 Mins |
| _shopify_sa_t | Shopify | 31 Mins |
| _shopify_y | Shopify | 28 Days |
| _y | Shopify | 28 Days |
Personalization Cookies
We do not use cookies to personalize content for you.Advertising Cookies
We do not use cookies for marketing or advertising purposes.Lawful Bases and Legitimate Interests
We process personal data on the following lawful bases:
- Complying with legal obligations
- Fulfilling contracts
- Consent
- Legitimate interests
Where we process personal data on the basis of our legitimate interests, we pursue the following interests: Creating Customer Profiles, Delivering Targeted Ads, Improving our Products & Services, Conducting Surveys, Fulfilling Customer Orders, Internal Business Operations, Meeting Compliance & Legal Requirements, Organizing & Managing Data, Processing Payments, Tracking Purchases & Customer Data, Operating Our Website or Mobile Apps, Preventing Fraud, Providing Customer Support, and Sending Promotional Communications.
International Data Transfers
We may send the personal data of individuals in the EEA/UK to third countries, including the United States, where it may be stored or processed, for example on our service providers’ cloud servers. When we transfer personal data, we rely either on Adequacy Decisions as adopted by the European Commission (EC) or the UK Information Commissioner's Office (ICO) on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), the EU-US Data Privacy Framework and UK-US Data Bridge agreements, Standard Contractual Clauses (SCCs) issued by the EC or International Data Transfer Agreements (IDTAs) approved by the ICO. Data protection authorities have determined that the SCCs and IDTAs provide sufficient safeguards to protect personal data transferred outside the EEA/UK. You may read more about international data transfer mechanisms at the following links:
- https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
- https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/
Privacy Rights
Individuals in the EEA/UK have the following rights regarding their personal data. Make a Privacy Request by clicking here or the link at the top of this page. Once you submit a request, we will verify your identity and process your request in most cases within 30 days.
Right to access. You have the right to request a copy of the personal data we hold about you.
Right of portability. You have the right to ask us to transfer your data to another party.
Right to rectification. You have the right to request that we rectify any incorrect information we have about you.
Right of erasure. You have the right to request that we erase (delete) any personal information we hold about you.
Right to lodge a complaint with a supervisory authority. You have a right to lodge a complaint with a supervisory authority. For more information, you can visit the Information Commissioner’s Office website at https://ico.org.uk/, or see a list of EU Data Protection Authorities at https://www.gdprregister.eu/gdpr/dpa-gdpr/.
Inquiries
Controller contact information
Sunday Riley UK