LAST UPDATED AND EFFECTIVE: [January 2020]
- Commitment to Privacy
Cosmesis Skincare, Inc ("us," "we," “Cosmesis”, or "our") offers and maintains the
- Collection Of Your Information
Personally Identifiable Information
We may collect personally identifiable information about you, including, without limitation, your name, address, telephone number, e-mail address, birthday, and payment information. If you choose to correspond with us through email or social media, we may retain the content of your messages, together with your email address and our responses.
Website Use Information
- Use Of Your Information
Broadly speaking, we use personally identifiable information for the purpose for which you provided it. If you order a product or engage us for professional services, we will use your name and contact information to fulfill your needs , including billing, and delivery. If you complete a survey, we will retain your information indefinitely and may use it to create non-personally identifiable data to be used for advertising, marketing, or trade. If you send us an email, we may use your email address and other information you submit to provide customer service to you.
We may also use your personally identifiable information or Log Data to administer our internal business activities, such as to design and arrange the Site in the most user-friendly manner and to continually improve the Site to better meet the needs of our customers and prospective customers, to better understand visitors to the Site, to manage your account, to provide customer service, or to make available other products and services to our customers and prospective customers.
If you choose to receive information from us, we may use your personally identifiable information to contact you with information and updates about events, products, discounts, special promotions, or other offers from or on behalf of Cosmesis, as well as changes to the Site. We will do this only with your permission if you have opted to receive information from us. You may notify us at any time of your desire not to receive communications from us, or to Opt Out, by following the unsubscribe instructions set forth at the bottom of our promotional e-mail messages, or by emailing your request to unsubscribe to: firstname.lastname@example.org with the phrase “Privacy Opt-out: dermedicine.com Mailings” in the subject line.
- Disclosure Of Your Information
No Sale of Your Information
We are not in the business of selling your personally identifiable information. We consider this information to be a vital part of our relationship with you. Therefore, we will not sell your personally identifiable information to third parties, including third party advertisers. There are, however, certain circumstances in which we may disclose, transfer, or share your personally identifiable information with certain third parties without further notice to you, as set forth below.
Sharing Information With Parent Companies, Subsidiaries, And Affiliates
Sharing Information With Successors
Sharing Information With Agents, Consultants, and Related Third Parties
We, like many businesses, sometimes engage other companies to perform certain business-related functions. These companies may include marketing agencies, database service providers, backup and disaster recovery service providers, email service providers, payment processors, and others. When we engage another company to perform such functions, we may provide it with personally identifiable information, Log Data, or aggregate information about our customers, sales, website traffic patterns, and related website information, in connection with its performance of such functions. However, we do not collect or store credit card information or internet protocol addresses directly; rather, we employ a third party payment processor who may collect, store, and use such information. We take measures to select service providers that are responsible and afford privacy protections to their customers, such as those that comply with the Payment Card Industry Data Security Standards. [AGL1] However, we cannot make any representations about the practices and policies of these third party companies.
Sharing Information Through Social Media
We work with third parties, including social media sites like Facebook, YouTube, Instagram, Pinterest, and Google+, and with application developers who specialize in social commerce so you can connect to Cosmesis through your social networks. All of these companies operate Third Party Sites, as defined in section 8. We provide access to our Site by third parties and business partners so we can generate interest in our products and services among members of your social networks and to allow you to share your interests with friends in your network.
If you use features made available on our Site or Database by a third party social media site, your personally identifiable information may be collected or shared by us or by the third party. We consider information collected or shared through any such social media features as public information because the third party social media sites made it publicly available. If you do not want us to be able to access information about you from Third Party Sites, you must instruct the Third Party Sites not to share the information with us. Cosmesis does not control how these third parties use information collected from or about you, so be sure to review the privacy policies and privacy settings on your social media sites to make sure you understand the information they are sharing. If you do not want a Third Party Site to share information about you, you must contact that site and determine whether it gives you the opportunity to opt out of sharing such information.
We use features on third party social media sites that allow you to express opinions about products, services, or your interests and purchase our products. Those Third Party Sites may collect or register your views (including whether you liked or purchased a product) and make those views available to Cosmesis and on public portions of the Third Party Sites. You can avoid such collection and use of your personally identifiable information by declining to buy products through Third Party Sites or to express your views on Third Party Sites. Third Party Sites may also give you the option to limit such data collection and disclosure in the privacy settings on their sites. Cosmesis reserves its right not to display your personally identifiable information or content on our social media accounts and Site, even if you express an opinion about our products or services or consent to our use of such information or content. We reserve the right to remove personally identifiable or other information of any person for any reason. We may also remove from our social media accounts and Site, in our sole discretion, any product offering or any photo or product description.
California Privacy Rights
If you are a California resident, you have the right to request information from us regarding the manner in which Cosmesis shares certain categories of personally identifiable information with third parties for their direct marketing purposes. Under California law, you have the right request the following information, which you may do by emailing us at email@example.com:
1. The categories of information we disclosed to third parties for their direct marketing purposes during the preceding calendar year;
2. The names and addresses of the third parties that received the information; and
3. If the nature of the third party's business cannot be determined from their name, examples of the products or services they marketed.
We may provide this information in a standardized format that is not specific to you.
Legally Compelled Disclosure of Information
We may disclose your personally identifiable information if required to do so by law (including, without limitation, responding to a subpoena or request from law enforcement, a court, or a government agency) or in the good faith belief that such action is necessary (a) to comply with a legal obligation; (b) to protect or defend our rights, interests, or property, or that of third parties; (c) to prevent or investigate possible wrongdoing in connection with the Site; (d) to act in urgent circumstances to protect the personal safety of users of the Site or the public; or (e) to protect against legal liability.
- Your Choices About Use, Disclosure, and Deletion Of Your Information
People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. You may choose to create a personal shopping account to shop faster and easier and to check on your order status and history. You may choose to become a member of our loyalty program or our mailing list to earn rewards toward samples, gifts, and discounts, or to receive information about products, services, contests, and promotions. You may choose to place an order on the Site, complete an online survey, or share information about yourself in the user-generated content portions of the Site[AGL2] . Alternatively, you may choose to limit the personally identifiable information you submit by merely browsing the Site without providing your name or other information. If you do so, you may not be able to use certain functionality of the Site. To open an account, for example, you must provide your name and email address.
You have the right to prompt deletion of your personally identifiable information upon request. If you would like us to delete the data we have collected about you that we have received through your use of the Site or any social media provider or Third Party Site, please email us at firstname.lastname@example.org with the phrase “Privacy Opt-out: Delete My Information” in the subject line. If your information is deleted, you may not have access to certain functionality of the Site, such as promotions, product information, or opportunities.[AGL4]
- Information Security
We are committed to the protection of your information. When you place an order through the Site, we encode your information using Secure Socket Layer (SSL) encryption technology[AGL5] . The SSL encrypts, or translates, your order information into a highly indecipherable code, which is processed immediately. All credit card transactions occur in a secure area of the Site to protect you from any loss, misuse, or alteration of information collected. Our business practices also limit employee access to personally identifiable information and limit the use and disclosure of such information to authorized persons, processes, and transactions.
Storage of Your Information
Accessing and Correcting Your Information
If you have registered for an account on the Site, you may access and update some of your personally identifiable information being stored by us by logging in and visiting the My Account page. You may also request access to all of your personally identifiable information that we collect online and maintain by emailing us at email@example.com. If you have not registered for an account on the Site, you may create one by signing up, which will give you access to update some of your personally identifiable information directly. We will take reasonable steps to respond to requests relating to personally identifiable information within thirty (30) days, however, we may reject requests that we find to be unreasonable (i.e., require disproportionate efforts or material changes to our information systems), impractical, or abusive (i.e., repetitive requests, requests made in bad faith, requests that would compromise third party information).
We may retain your personally identifiable information as long as you continue to use the Site. You may close your account by contacting us. However, we may retain personally identifiable information for an additional period as is permitted or required under applicable laws. Even if we delete your personally identifiable information, it may persist on backup or archival media for an additional period of time.
Evaluation of Information Protection Practices
- Cookies Web Logs, And Similar Technologies
Third Party Links
Non-Personally Identifiable Data
When you provide personally identifiable information through surveys, we may use it to create non-personally identifiable information that we may use for advertising, marketing, or trade. To de-identify your information, we will use only your first name and last initial and city of residence with, for example, a testimonial you provided.
Aggregated Personally Identifiable Information
- International Privacy Laws
- Dispute Resolution
- Acceptance Of These Terms
- Incorporation By Reference
- What are cookies?
How can I manage cookies?
Cookies may be session cookies (i.e., last only for one browser session) or persistent cookies (i.e., continue on your browser until they are affirmatively deleted). You can manage cookies through your web browser's option settings and through those settings you may be able (a) to receive notifications when you are receiving new cookies; (b) to disable cookies; or (c) to delete cookies. Please refer to your web browser's help section for information on how to do this.
- What do we use these technologies for?
We use these technologies to monitor the Site and to analyze how you use the Site. We may place cookies that allow us to measure the time of your requests to our servers and our responses, to test new features, to record statistics about usage, to track your activities on the Site, and to track the places from which you come to the Site or Database. We may also use third party cookies to collect information about behavior on the Site for these Performance/Analytics purposes.
We use these technologies to allow us to provide certain functionality on the Site and to remember your preferences. For instance, cookies allow us to track your order history and returns, auto-populate shipping and billing addresses, and give you access to features such as a “Wish List.” If you disable or delete cookies, you may not be able to use some functions of the Site.
Advertising (including behavioral/interest based advertising)
In the future, we may use these technologies to deliver focused online banner advertisements to you both on and off the Site. By using these technologies, we hope to better tailor these advertisements to your interests. Sometimes this is called online behavioral, interest based, or retargeted advertising. Many of the third party technologies that enable this advertising participate in voluntary frameworks that allow you to opt out of it.
Such third party service providers include Adroll, Rubicon, Google, Media Math, Perfect Audience, Quantcast, Retargeter, and Yahoo! among other. You can control your preferences directly with each such third party service provider.
- Does anybody else use these technologies on your services?
Most of the cookies and other technologies described above on the Site are set by us (aka first party cookies) or are used in connection with the Site and set by third party service providers at our direction ("Third Party Cookies"). We may use Third Party Cookies with respect to each of the uses set forth above.
[AGL2]Confirm your practices.
[agl3]We recommend that you include an opt-in or opt-out feature on the My Account if you intend to use as described in section 3. I note that the last paragraph of that section says we may send emails for marketing purposes. If that is not the case, then we should make the change in that section. But if, for example, you ever intend to follow up with customers who stopped using the product, you would want to allow them a choice about whether to receive such emails. Let us know if we should make changes to this section and section 3 to describe a more restrictive use of the information. Be aware, however, that the FTC has brought legal action against companies that do not follow their stated policies, so we generally recommend disclosing for uses that you may make in the future.
[AGL4]For EU compliance. You may choose to omit this, if you do not have EU customers.
[AGL6]Explore what geolocation information is collected and means of doing so. We will need to revise this section on geolocation info if more than coarse data, such as ZIP code, is collected, in which case it is personally identifiable and we will need full notice to users.
[AGL7]Consider target market for client business. COPPA allows interaction with children 13 and older. EU compliance sends it up to 16.