Privacy Policy

PRIVACY POLICY

Last Updated: January 13, 2021

This Privacy Policy describes the privacy practices of Imayla Beauty, Inc. (“Imayla”, “we”, “us” or “our”), including the types of information that we collect and the ways in which we use such information.  By accessing any of our websites or applications that reference or link to this Privacy Policy, including https://imaylabeauty.com/ (each, a “Site” and collectively, the “Sites”), or by using any products or services that we make available on any Site or that otherwise reference or link to this Privacy Policy (collectively, the “Services”), you agree to be bound by the terms and conditions of this Privacy Policy.

We may add to, modify, or otherwise update this Privacy Policy from time to time in our sole discretion by notifying you that a new version of this Privacy Policy has been posted to the Sites or Services.  It is your responsibility to review this Privacy Policy for any additions, modifications or updates each time that you access any of the Sites or use any of the Services, and you are bound by such additions, modifications and updates. Your use of the Sites or Services following any additions, modifications or updates to this Privacy Policy constitutes your acceptance of the new Privacy Policy.

Information We Collect 

In connection with the Sites and Services, we may collect the following categories of information:

  • information you provide to us, including your name, your contact information (g., email address, phone number, postal address, etc.), your account password, and other information related to your cosmetics needs (e.g., skin type, areas of concern, what you hope cosmetics can do for you, etc.);
  • information regarding any transactions or purchases you make through the Sites or Services (g., products purchased, frequency of purchases, etc.);
  • information collected in connection with your participation in our loyalty program;
  • information regarding your use of the Sites and Services; and
  • any other information that you provide or otherwise make available to us in connection with the Sites or Services.

You may choose not to provide certain information to us, but as a result you may not be able to take advantage of some of the features of the Sites or Services. 

We may also collect general, non-personal, statistical information about the use of the Sites and Services automatically, such as how many visitors visit a specific page on the Sites, how long a visitor stays on that page, and the hyperlinks visitors click.  We collect this information by using cookies, log files and other similar technologies (as further described below in the section of this Privacy Policy entitled ‘Cookies, Log Files and Similar Technologies’).  This information represents a generic overview of visitors to our Sites and users of our Services.

How We Use & Share Information

We may use the information that we collect in order to:

 

  • provide and administer the Sites and Services;
  • personalize the Sites or Services for you;
  • process and fulfill any orders you place through the Sites and Services, and to keep you informed regarding the status of your order;
  • process any returns requested by you;
  • enable your access to and use of the Sites and Services;
  • improve, modify or enhance the Sites or Services, including our user experience;
  • conduct and facilitate surveys, contests, focus groups and market research initiatives;
  • perform data analytics (g., trend analysis, financial analysis and customer segmentation);
  • engage in ad retargeting and evaluate the effectiveness of our marketing efforts, including through our participation in ad networks;
  • process, evaluate and respond to requests, inquiries and applications;
  • create, administer and communicate with you about your account;
  • detect and prevent potentially illegal acts, violations of our policies, fraud and/or data security breaches;
  • maintain and enhance the safety and security of the Sites and Services;
  • conduct internal business analysis or other business purposes; and
  • send you communications, including marketing communications.

We may also combine information we obtain through the Sites and Services with other information for the purposes described above.  We may aggregate or anonymize such information and use it for the purposes described above, and for other purposes to the extent permitted by applicable laws, rules and regulations.

We do not disclose your information to third parties, except:

  • when we have your permission to make the disclosure;
  • where the disclosure is necessary for the purpose for which the information was obtained;
  • to our third party service providers in order to provide services to us (including marketing communications, email delivery, targeted advertisements, fraud investigations, fulfilling orders, delivering packages, providing customer support, payment processing, and other business operations);
  • to our affiliates, subsidiaries and related content to provide joint content and services, and for their business purposes;
  • where permitted by applicable law or when the disclosure is necessary, in our discretion, for the establishment or maintenance of legal claims or legal compliance, to satisfy any law, regulation, subpoena or government request, or in connection with litigation; or
  • as otherwise disclosed in this Privacy Policy.

Additionally, in the event we are acquired by, or merge or consolidate into, another entity, or if there is a sale of our assets (including in bankruptcy), your information may be transferred to the entity acquiring us or our assets or that survives the merger or consolidation.  You acknowledge and agree that in the foregoing circumstances, your information may be disclosed to such third party.

We also use third party service providers to process payments through our Sites and Services.  We do not collect any information related to payment transactions (e.g., your credit card number); only our third party payment providers collect such information. 

Cookies, Log Files and Similar Technologies

As mentioned above, we may use cookies, log files and similar technologies to collect certain information regarding your use of the Sites and Services.  A cookie is a small amount of data that is sent to your browser from a website’s servers and stored on your computer’s hard drive which often includes an anonymous unique identifier.  Cookies do not identify specific users, only a user’s device.  We use cookies to track and record user session information.  You may set your browser to notify you when you receive a new cookie or to disable cookies.  However, this may hinder performance of the Sites or Services, and prevent you from using certain features.  

The Sites and Services also may use log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and number of clicks to analyze trends, administer the site, track a user’s movement around the Sites and Services, and gather demographic information.

To control which web servers place and access cookies and collect information automatically, we place tags on our webpages called “web beacons”, which are small files that allow us to understand the actions of visitors to our Sites.  We use similar technology in marketing emails we send, which may enable the placing or accessing of cookies, and also enable us to know if you received the email, if the email was opened and if you clicked on any links included in the email.

In addition to our own cookies, log files and similar technologies, we may engage third parties (such as Google and Facebook) to use their cookies, log files and similar technologies to report to us usage statistics of the Sites and Services, deliver advertisements on and through the Sites and Services, and for other similar purposes.  Google Analytics, for example, uses cookies to track your interactions with our Sites and Services.  Google collects information and reports it to us, without identifying individual users. This information helps us improve our Sites and Services so that we can better serve users.  For more information on Google Analytics, please visit www.google.com/policies/privacy/partners/.  

You have the right to opt out of the collection and use of information for ad targeting.  Please visit www.aboutads.info/choices.com for additional information regarding such rights and how to exercise them.

Text Marketing and Notifications:

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. Text marketing messages will not exceed 30 a month. You acknowledge that consent is not a condition for any purchase. If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted for as a reasonable means of opting out. Message and data rates may apply. For any questions please text HELP to the number you received the messages from. You can also contact us for more information. If you wish to opt-out please follow the procedures above.

Securing Your Information

We use security measures that we, in our discretion, deem appropriate for the type of information that is provided by you.  However, since no method of electronic storage is 100% secure, we cannot guarantee the absolute security of the information stored.  We also cannot guarantee that information you supply will not be intercepted while being transmitted to us over the Internet.

Links to Third Party Websites

The Sites and Services may include links to other websites or applications offered or made available by third parties (each, a “Third Party Site”).  We do not control or endorse any Third Party Site.  You agree that your use of a Third Party Site is at your own risk and that we are not responsible for the availability or contents of any Third Party Site.  We recommend that you review the privacy policy applicable to each such Third Party Site. 

Do Not Track Disclosure

At this time, we do not respond to browser 'Do Not Track' signals.

Use By Minors

We do not knowingly collect any information about children under the age of thirteen.  If we become aware that we have unknowingly collected information from a child under the age of thirteen, we will make commercially reasonable efforts to delete such information. 

Additional Provisions Applicable to Information Received from Residents of California

In addition to any other applicable provisions of this Privacy Policy, if you are a resident of California, you may have additional rights pursuant to the California Consumer Privacy Act of 2018 (the “CCPA”).  This section describes those rights and how to exercise them.  As used in this section, the term “personal information” has the meaning given it in the CCPA.

Description of Your Rights:  Pursuant to the CCPA, you have the right to know:

  • the categories of personal information that we have collected about you;
  • the categories of sources from which the personal information is collected;
  • our business or commercial purpose for collecting or selling personal information;
  • the categories of third parties with whom we share personal information (if any); and
  • the specific pieces of personal information that we have collected about you.

In connection with any personal information we may sell or disclose to a third party for a business purpose, you also have the right to know:

  • the categories of personal information about you that we sole and the categories of third parties to whom the personal information was sold; and
  • the categories of personal information that we disclosed about you for a business purpose.

You have the right to deletion of your personal information from our records and those of our service providers, unless an exception applies under the CCPA.

You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA.  This means we cannot, among other things:

  • deny goods or services to you;
  • charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  • provide a different level or quality of goods or services to you; or
  • suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your Rights under the CCPA:  To request access to or deletion of your personal information, please fill out the form at [INSERT THE HYPERLINK TO THE CCPA REQUEST FORM] or call our toll-free number at [INSERT THE 1-800 NUMBER FOR CONSUMER REQUESTS] Monday through Friday between 9:00 a.m. and 6:00 p.m., ET.  Please note that you may only make a CCPA related disclosure or deletion request twice within a 12-month period.

Verification:  To protect the security of your information, for all access and deletion requests you will need to provide us with enough information to verify your identity.  The information you provide must match the information we know about you. Additionally, if you request specific pieces of your personal information or the deletion of certain personal information, you may be required to provide a signed declaration under penalty of perjury and otherwise authenticate your identity.  We are not obligated to process a request if we cannot verify that the person making the request is the person about whom we collected information or is someone authorized to act on such person’s behalf.  Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

Categories of Information We Collect:  In addition to the information set forth in the section of this Privacy Policy entitled ‘How We Use & Share Information’, the table below sets forth the categories of personal information we have collected with respect to California residents, the sources from which such information was collected, and the business purpose for such collection:

Categories of Personal Information

Sources from which Information is Collected

Business Purpose for Collection

Identifiers (e.g., name, postal address, online identifiers, IP address, and email address) 

 

·     Directly from the individual (e.g., through an online form or in connection with registration);

·     Automatically through the use of cookies and similar technologies (including third party cookies).

·     Managing or servicing your account;

·     Fulfilling transactions and orders;

·     Communicating with you;

·     Business analysis; and

·     Marketing and advertising.

 

Commercial information (e.g., products purchased, obtained or considered, or other purchasing or consuming histories or tendencies)

·     Directly from the individual (e.g., through an online form or in connection with registration).

·     Managing or servicing your account;

·     Fulfilling transactions and orders;

·     Communicating with you;

·     Business analysis; and

·     Marketing and advertising.

Internet or other electronic network activity information (e.g., browsing history and search history within our site)

 

·     Automatically through the use of cookies (including third party cookies).

·     Managing or servicing your account;

·     Marketing and advertising; and

·     Business analysis.

Categories of Information Disclosed for a Business Purpose:  In addition to the information set forth in the section of this Privacy Policy entitled ‘How We Use & Share Information’, the table below outlines the categories of personal information that we have disclosed to third parties in the last 12 months, and the categories of entities with which such personal information was shared:

Categories of Personal Information Disclosed to Third Parties

Categories of Third Parties to whom Information is Disclosed

Identifiers (e.g., name, postal address, online identifiers, IP address, and email address) 

 

·     Internally and with our affiliated companies; and

·     Third parties providing services to us.

Commercial information (e.g., products purchased, obtained or considered, or other purchasing or consuming histories or tendencies)

·     Internally and with our affiliated companies; and

·     Third parties providing services to us.

Internet or other electronic network activity information (e.g., browsing history and search history within our site)

·     Internally and with our affiliated companies; and

·     Third parties providing services to us.

How Your Personal Information is Collected:  The section of this Privacy Policy entitled ‘Information We Collect’ describes how we collect your personal information.

Sales of Personal Information:  We have not, in the last 12 months, sold your personal information to third parties for a business or commercial purpose.

Requests by Authorized Agents:  You are permitted to designate an authorized agent to make a CCPA request on your behalf.  Your authorized agent can use the methods described above to submit the request and will be required to provide proof of authorization.

Individuals with Disabilities:  Individuals with a disability may access an alternative format of this notice using the contact information in the section below entitled ‘Contact Us’.

Additional Provisions Applicable to Information Received from the EU

In addition to any other applicable provisions of this Privacy Policy, the following provisions apply to information that is received from the European Union (the “EU”).

Legal Basis for Processing:  The EU’s General Data Protection Regulation (the “GDPR”) requires us to explain the legal justification for our use of your information.  As described under the section above entitled ‘How We Use & Share Information’, we use the information we collect from you for various purposes.  We rely on the following legal bases in connection with our processing of such information:

  • Processing is necessary to provide a service or feature you request. This includes processing, evaluating, and respond to your requests, inquiries, and applications; monitoring compliance with and enforcing our policies; and providing features and functions on the Sites and Services that you use. 
  • Processing is necessary for the performance of a contract.  This includes our processing of your information in order to fulfill or complete any orders you place with us.
  • Processing is necessary to pursue our legitimate interests and we have taken steps to ensure that our interests do not unduly intrude on your privacy. We rely on this justification when we monitor aggregate Site usage metrics such as total number of visitors and pages viewed; analyze the information we collect to improve performance and better understand the preferences of our customers; develop and improve our marketing materials, and, where permitted, contact you with marketing communications; and to protect our legal rights, resolve disputes, troubleshoot problems or assist with questions. 
  • Processing is necessary to comply with our legal obligations, such as to meet our record-keeping obligations.
  • Any purpose for which you actively consent, such as to place non-essential cookies and if you agree that we may contact you with relevant marketing information.

Where we rely on consent, you have the right to withdraw your consent to the processing of your information at any time by providing notice to us using the contact information set forth below in the section entitled ‘Contact Us’.

Transfers of Personal Information Outside of the EU:  We transfer information we collect about you to the United States and other countries that do not have the same data protection laws as the country in which you initially provided such information.  When we transfer your information to countries that are not considered by the European Commission to provide adequate protection, we rely on European Commission-approved agreements in accordance with Article 46 of the GDPR to protect your information in the countries to which it is transferred. 

Storage Period for Information:  We will store the information of individuals in the EU for the following periods:

  • Information Collected from Cookies: the cookies we use expire after [XX months], after which we will ask your consent again to place cookies.
  • Marketing Preferences: we retain information about your marketing preferences for [X years] from your last interaction with us.
  • Customer Service: we retain information about any customer service inquiries for [X years] after the question is resolved.
  • Business Transactions: we retain information about transactions with you for [X years] after the date of the transaction.

Your Data Subject Rights  You have the right to request that we take any of the following actions with respect to your information:

  • rectify any information about you that is inaccurate;
  • complete any of your information that is incomplete;
  • erase or restrict the processing of information about you, where we do not have the right to retain or continue using it in light of the circumstances of your request; and
  • provide you a copy of information you have provided us directly in a structured, commonly used and machine-readable format that can be transmitted to a third-party (i.e., portability). 

You may also object to our use of your information for our legitimate interests as described above.  We are not required to comply with your request if we have compelling interests or are legally required to override your request.

Complaints

Should you have any complaints regarding our use of your information, please contact us using the contact information provided below in the section entitled ‘Contact Us’.  If you reside in the EU, you also have the right to lodge a complaint with a supervisory authority in the country in which you reside, work or where you feel an infringement has occurred.

Contact Us

If you have any questions about this Privacy Policy or treatment of your information, please contact us at:

Imayla Beauty, Inc.
420 Lexington Ave
Ste 820
NY, NY 10170       
Email: info@imaylabeauty.com