As of February 28, 2020
- PERSONAL INFORMATION COLLECTED
- ADVERTISING AND ANALYTICS SERVICES PROVIDED BY OTHERS
- HOW WE USE YOUR PERSONAL INFORMATION
- TESTIMONIALS / REVIEWS
- HOW WE SHARE PERSONAL INFORMATION
- TEXT MESSAGES
- YOUR CHOICES
- ACCESSING, DELETING AND UPDATING YOUR PERSONAL INFORMATION
- SOCIAL MEDIA PAGES / INTERACTIVE SERVICES
- LINKS TO THIRD PARTY SITES
- TRANSFER OF PERSONAL INFORMATION INTERNATIONALLY
- ADDITIONAL RIGHTS FOR EU USERS
- CONTACT US
1. PERSONAL INFORMATION COLLECTED
We collect personal information directly from you, automatically as you use the Site, and from third parties and publicly-available sources. We also derive or infer information about you based on the personal information we collect, as described in more detail below.
Personal Information Collected Directly from You: We collect personal information directly from you when you use the Site or otherwise interact with us, including the following: name, mailing address, billing address, email address, phone number, credit/debit card information, password, personal description, age, birthdate, gender, photograph, and purchase history. We may also collect personal information you provide about other people. For example, if you instruct us to ship your order to someone else, you may provide us with the name and contact information of the intended recipient, and we may use that information to process the shipment and, in some cases, communicate with the intended recipient.
Information Collected through Automatic Data Collection Technologies: As you navigate through and interact with the Site, we may use automatic data collection technologies to collect certain information about your equipment and browsing behavior, including: IP address, login information, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform, products viewed, searched for or purchased, page response times, download errors, length of visit to certain pages, page interaction (scrolling, clicks, mouse-overs), methods used to browse away from the page, and your use of features or applications on the Site. The tracking technologies we use for automatic data collection include:
- Web Beacons: Our Site and e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited pages on our Site or opened an e-mail and for other related Site statistics (for example, recording the popularity of certain content and verifying system and server integrity).
Personal Information We Collect from Other Sources: We may collect personal information about you from other sources. For example, we may collect personal information about you from:
- other customers who provide information about you, such as to send you a gift or sign up for a refer-a-friend program and
- data append services, social media websites, and market research companies.
Personal Information We Derive: We may derive information or draw inferences about you based on the other types of personal information we collect. For example, we may infer your location based on your IP address, or that you are interested in purchasing a certain product based on your browsing behavior on our Site.
In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line with Klarna’s own privacy notice.
2. ADVERTISING AND ANALYTICS SERVICES PROVIDED BY OTHERS
We may also work with third parties to serve ads to you as part of a customized campaign on third party platforms (such as Facebook or Instagram). As part of these ad campaigns, we or third party platforms may convert information about you, such as your email address and phone number, into a unique value that can be matched with a user account on these platforms to allow us to learn about your interests and to serve you advertising that is customized to your interests. Note that the third party platforms may offer you choices about whether you see these types of customized ads.
3. HOW WE USE YOUR PERSONAL INFORMATION
We use personal information for the following purposes:
- to operate, maintain, and improve our Site;
- to provide and administer your account on our Site;
- to provide and administer our InnerCircle Rewards loyalty program;
- to provide the products and services you requested and / or purchased and send you related information, including confirmations, notices, updates, alerts, surveys and support and administrative messages;
- to communicate with you about our products, services, promotions, rewards, events and other news and information we think will be of interest to you (for information about opting out of these communications, see “Your Choices”);
- to monitor and analyze trends, usage and activities in connection with our Site;
- to personalize the Site and show you content we think will most interest you;
- to provide customer service or support or contact you regarding your account; to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection; to conduct internal research and development to improve, upgrade, or enhance the Site or our products and services;
- to perform other logistics and operation activities as needed, including debugging to identify and repair errors with the Site;
- to protect our assets, detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity;
- to carry out certain short-term activities and other reasonable internal purposes related to your use of the Site, the products you purchase from us, or your ongoing relationship with us;
- to comply with our legal obligations;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent or as permitted by law.
4. TESTIMONIALS / REVIEWS
From time to time, StriVectin may permit end-users to submit reviews and testimonials regarding our products, as well as biographical material associated with such end-users (collectively “Testimonials”), by and through the Site or otherwise. By submitting a Testimonial, you irrevocably grant to StriVectin the right to use the Testimonial (including your biographical information) in any and all forms of marketing and promotional material including, without limitation, website publication, print ads, online ads, television ads, radio ads, interactive media, as well as printed extracts and reproductions of any portion thereof, and for any and all other uses. You should be aware that your Testimonial(s), and any personal information that you submit in connection with same, may be published in a way that such material can be viewed, read, collected and/or used by others.
5. HOW WE SHARE PERSONAL INFORMATION
We share personal information with third parties as follow:
- with service providers or vendors that perform services on our behalf and need access to personal information to do so (e.g., couriers, payment processors, data analytics providers, mailing houses and fraud detection services);
- in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
- if we plan to merge with or be acquired by that third party or in connection with a partial or total sale of assets, bankruptcy or another corporate change;
- with our lawyers and other professional advisors where necessary to obtain advice or otherwise protection and manage our business interests;
- if we believe in good faith that the disclosure of information is necessary to: (i) prevent imminent physical harm or financial loss to us; (ii) prevent or report suspected illegal activity; and/or (iii) protect anyone’s rights, property or safety. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction; and
- with your consent or at your direction or as otherwise permitted by law.
In addition, we may disclose aggregated or de-identified information, which cannot reasonably be used to identify you.
6. TEXT MESSAGES
If you have provided prior express written consent to have promotional offers or transactional correspondence from us sent to your mobile device, we may send you a MS, MMS or other text message (“Text Messages”) with such communications to the telephone number you provided to us. Standard text message rates will apply.
If you have provided a telephone number for Text Messages, you are obligated to immediately inform us if and when the telephone number that you have previously provided to us changes. Without limiting the foregoing, if you: (i) have your telephone number reassigned to another person or entity; (ii) give up your telephone number so that it is no longer used by you; (iii) port your telephone number to a landline or vice versa; or (iv) otherwise stop using that telephone number for any reason (collectively “Phone Number Change”), you agree that you shall promptly notify us of the Phone Number Change by contacting us through the methods provided in Section 17.
We take reasonable administrative, technical, and physical measures to help protect personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us.
8. YOUR CHOICES
We strive to provide you with choices regarding the personal information you provide to us. There are various mechanisms to provide you with control over your information, including those listed in this section.
Cookies: Visitors have a choice as to whether to accept non-essential cookies when you access our Site. We will only set non-essential cookies if you give us your consent.
Email Communications: To opt out of receiving our newsletter and/or other promotional e-mail communications from us, you can follow the instructions at the end of the applicable e-mail message, contact us via e-mail at the address listed in Section 16 “Contact Us” or phone at +44 808 196 2661.
Text Messages: If you wish to opt out of receiving Text Messages from us, you must follow the opt-out instructions at the end of each text message (e.g., reply “STOP”). Please note that if you decide to opt out, it may take a few days to process your opt-out request by email and 6–8 weeks to process your postal mail request and that you may continue to receive promotional or marketing materials during this time. Also, please note that opting out will not preclude us from sending you other types of non-promotional messages, such as emails confirming transactions.
9. ACCESSING, DELETING AND UPDATING YOUR PERSONAL INFORMATION
At your request, we will inform you of what personal information we have on file for you. In addition, at your request and where required by applicable law, we will delete personal information that you have provided to us, or that we have collected. You may ask to access your information or have information deleted by contacting us via e-mail at: firstname.lastname@example.org; provided, however, that we ask individuals to identify themselves and the information requested to be accessed, corrected or removed before processing such requests. We will handle such requests in accordance with applicable law and so there may be circumstances where we cannot comply with your request. For example, we may decline to process requests that are unreasonably repetitive or systematic or jeopardize the privacy of others. We may retain certain information as required by law or for legitimate business purposes, where permitted by applicable law. We may also retain cached or archived copies of information about you for a certain period of time.
Please be advised that deleting your personal information will limit our ability to contact you in connection with the Site, which may limit your ability to utilize the Site. If you wish to be contacted by us in connection with the Site, you may not request that the personal information that we have on file for you be deleted.
If you are an EU resident, please see “Additional Rights for EU Users.”
10. SOCIAL MEDIA PAGES / INTERACTIVE SERVICES
If you interact with StriVectin or any third parties by and through any forums or interactive areas of our Site or any social media platforms, you should be aware that the personal information that you submit by and through such venues can be read, collected and/or used by other users of these forums (depending on your privacy settings) and could be used to send you unsolicited messages or otherwise to contact you without your consent or desire. We are not responsible for the personal information that you choose to submit in these forums. In addition, we are not responsible for and do not control third party social media platforms’ privacy or security practices. We encourage you to review the privacy policies and settings of the third parties with whom you interact to help you understand their privacy practices.
11. LINKS TO THIRD PARTY SITES
Visitors under eighteen (18) years of age (or the applicable age of majority, if greater than eighteen (18) years of age) are not permitted to use and/or submit their personal information at the Site. We do not knowingly solicit or collect information from visitors under eighteen (18) years of age (or the applicable age of majority, if greater than eighteen (18) years of age). If you register with us and we discover that you are under eighteen (18) years of age (or the applicable age of majority, if greater than eighteen (18) years of age), we will delete your registration and associated personal information, to the greatest extent of our abilities. We encourage parents and guardians to spend time online with their children and to participate and monitor the Internet activities of their children.
13. TRANSFER OF PERSONAL INFORMATION INTERNATIONALLY
StriVectin is headquartered in the United States, and we have operations and service providers in the United States and other countries. As such, we will transfer your personal information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.
When we transfer personal information from the European Union or the United Kingdom to the United States, we comply with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information (the “Privacy Shield Principles”). StriVectin has certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
In compliance with the Privacy Shield Principles, we are committed to resolving complaints about our processing of your personal data. Individuals who reside in the EU or UK with inquiries or complaints regarding our compliance with the Privacy Shield program should first contact us. We have further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Under certain conditions, you may be able to invoke binding arbitration to resolve your complaint. StriVectin is subject to the investigatory and enforcement powers of the Federal Trade Commission.
If we share personal data transferred to the U.S. under the Privacy Shield with a third-party service provider that processes such data on our behalf, then we will be liable for that third party’s processing in violation of the Privacy Shield Principles, unless we can prove that we are not responsible for the event giving rise to the damage.
15. ADDITIONAL RIGHTS FOR EU USERS
If you are in the European Union or the UK, you have certain rights and protections under the law regarding the processing of your personal information and this section applies to you.
Legal Basis for Processing
If you are in the European Union or UK, we will process your personal information in reliance on the following lawful bases:
- To perform our responsibilities under our contract with you (e.g., processing payments and providing the products you have ordered).
- When we have a legitimate interest in processing your personal information in order to operate our business, supply our products and protect our interests (e.g., to send you marketing communications, to conduct data analytics, and to provide, secure, and improve our Site).
- If we determine it is necessary to comply with a legal obligation to which we are subject (e.g., to maintain a record of your consents and those who have opted-out of marketing communications).
- When we have your consent to do so (e.g., when you agree to receive marketing communications from us). When we rely on consent as the legal basis for processing your personal information, you may withdraw such consent at any time.
We store personal information we collect about you for as long as is necessary for the purpose(s) for which we collected it or for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.
Data Subject Requests
You have the right to request access to personal information we hold about you and to ask that your personal information be corrected, erased, or shared with another individual. You may also have the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, please visit this page.
Questions or Complaints
If you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority where you reside. Contact details of your Data Protection Authority can be found using the links below:
For individuals in the EEA: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm
For individuals in the UK: https://ico.org.uk/global/contact-us/
16. CONTACT US