Last Updated: March 2019
We at IL Makiage respect the privacy of your personal information, and as such make every effort to ensure your information is protected and private.
- HOW AND WHY WE COLLECT PERSONAL INFORMATION
Providing Personal Information is your choice. We do not currently require you to provide Personal Information in order to have access to general information available on our Sites. However, if you choose to make use of certain features of the Sites, you may need to provide certain Personal Information to us. If you choose not to provide mandatory Personal Information, you may still visit parts of our Sites but you may be unable to access certain options, programs, offers, and services that involve our interaction with you. If you do provide us with any Personal Information as described below, you agree that it will be accurate and complete, and it is your responsibility to keep it current.
The type of Personal Information you may be asked to provide, and the circumstances in which we request it, are described below. We present the information below based on the categories of information collected, but please be aware that similar specific pieces of information may apply to multiple categories. For example, your name and email address may be included within each of the “Identification and Contact Information,” “Billing Information,” and “User-Provided Information” categories described below.
- Identification and Contact Information.
- This is information that identifies you as an individual, such as your first and last name, and information that enables us to contact you, such as an email address, mailing address, or phone number, as well as information about pages and products you have browsed. This information is generally collected when you create an account with us, when you contact us using the Sites, when you request to receive newsletters and other materials, when you make purchases, and when you participate in interactive features of the Sites, such as our PowerMatch Quiz. Some additional information on how we collect this information are as follows:
- Account Creation: During your use of our Sites and in order to use our Sites’ services, you may choose to create an account, referred to as an Account. We may offer different options to create an Account, including:
- Direct registration, where you input your Personal Information to complete and submit a registration form directly to our Sites.
- Registration using third party accounts, where you use a “login with…” (or similar) button that we display on our Sites for a designated third party service, referred to as a Third Party Account, such as Facebook or Google. Doing so will enable you to link your Account and your Third Party Account. If you choose this option, then you will be required to approve the connection as well as the types of information (which may include Personal Information) that we will obtain from your Third Party Account and the types of activities that we may perform in connection with your Third Party Account. Please note that in order to use this option, you will need to have, and may need to be signed-in to, an existing Third Party Account.
- Share with Friends Services: Our sites may allow you to invite friends to use our Sites by sending them an invitation email or message. You may do so by:
- Using our Sites to send or post an invitation message via your Third Party Account; and/or
- Using our Sites to send an invitation email to your friend’s external email address (for example, a Gmail address).
- Account Creation: During your use of our Sites and in order to use our Sites’ services, you may choose to create an account, referred to as an Account. We may offer different options to create an Account, including:
If you send or post an invitation message to a friend, we may collect Personal Information about the recipient, such as their email address or Third Party Account user name and ID. Your name and/or email address may also be included in their invitation or email message.
- We collect and use this category of Personal Information for the purposes of (a) verifying your identity when you create an Account, make a purchase, or access certain features of our Sites; (b) providing you with products, services, or content you have purchased, used, or otherwise engaged with; (c) contacting you regarding your purchases or your account, which may include seeking feedback on products; (d) sharing invitations and messages with your friends at your request; (e) responding to your inquiries and administrative requests; (f) subject to your right to opt out and subject to applicable law, sending you newsletters and other marketing and advertisement communications that we believe may be of interest to you; and (g) providing and improving our Sites.
- Our legal basis for processing this information is our legitimate business interests, specifically our ability to offer products and services and to promote our produces and the content of our Sites.
- We will retain this information for as long as we continue to have a business need to do so (which will be at least as long as you continue to maintain an Account), unless a longer period is required by law. Business needs may include legal, taxation, accounting, risk management, and other business purposes.
- Billing Information.
- Our Sites includes the option to purchase products or services from us, both as standard sales and as part of our try-before-you-buy program. If you choose to make any kind of purchase we will require sufficient information from you to complete the transaction. Such information could include a credit card number and related account and billing information, invoice related information, and other data required to process the order.
- We collect and use this type of information for the purpose of processing required payments.
- Our legal basis for processing this information is your contractual agreement to pay for our products.
- We will retain this information for as long as necessary to complete your purchase and/or to process any return, unless you have opted to save your billing information. If you do so, we will retain the information as long as you maintain your Account.
- User-Provided Information.
- Some parts of our Sites may enable you to build a public profile in connection with your Account, referred to as a Public Profile. Your Public Profile may include your name and other information that you choose to include in your Public Profile, such as your gender and a profile picture. Our Sites may also include interactive features, such as pages that allow users to submit product reviews or upload content. If you participate in any of these interactive areas, we will collect whatever Personal Information you choose to include.
- We collect and use this information for the purpose of allowing our customers and fans to engage with us and others through the Sites.
- Our legal basis for processing this information is our legitimate business interests, specifically our ability to operate an interactive platform that allows our customers and others to learn more about our products.
- We will retain this information for as long as we have a business need to do so, unless a longer period is required by law. Note that while you can in some circumstances request removal of this type of information, in some cases we may not be able to remove Personal Information that you voluntarily disclose due to technical limitations. We will inform you if we cannot remove information as requested.
- A Special Note About User-Provided Information. If you create a Public Profile or use other interactive features of the Sites, the information you submit will be able to be seen and used by others for as long as the applicable web pages remain active, and may be visible longer if pages are cached. This information may be used by other uses of the Sites or the public to send you unsolicited messages. We provided notices and tools on our Sites to inform you which content may be publicly available. However, We are not responsible for the Personal Information you choose to post in this manner, and we encourage you to think carefully before posting anything in any public area of our Sites, and only to post information that you are sure you want to be accessible to everyone.
- Location Information.
- We may provide certain location-based services, or Location Services, through our Sites that are dependent on data related to the geographic location, or the Location Data, of your mobile or other device through which you are accessing our Sites. You should be able to use the settings on your mobile or other device to turn off location-sharing features.
- We collect this information for purposes of offering the Location Services on our Sites so that we can provide the applicable location-based content to you.
- Our legal basis for processing this information is our legitimate business interests, specifically our ability to provide products and services that are applicable in the area in which our users are accessing and using the Sites.
- We will retain this information only as long as the location services are active on your device.
- HOW AND WHY WE SHARE PERSONAL INFORMATION
We may share Personal Information with third parties in the following circumstances:
- We may share your Personal Information with our third party media partners in an encrypted hashed way (MD5 or SHA1 encryption) in order to track performance of our marketing efforts (including tracking across multiple devices) and to provide you with relevant content across the web, such as banner ads including products you may have shown interest in, or sales offers for our site.
- We may share Personal Information or any information you submitted via our Sites in connection with, during negotiations of, or as a part of the closing of, any merger, sale of company assets, or acquisition of all or a portion of our business to another company in which Personal Information about our Sites users is among the assets transferred.
- HOW WE COLLECT AND USE NON-PERSONALLY IDENTIFIABLE INFORMATION
Non-personally identifiable information refers to information that is not and cannot be used to identify a specific individual. While this information may define how you fit into a particular group of people, it is not unique to you, and it cannot be used (without being combined with other information) to specifically identify you.
The following describes how we collect and use non-personally identifiable information through the Sites.
- Log Files.
We may (directly or through third parties) make use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, internet service provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information that your browser may send to us. We may (directly or through third parties) use such information to analyze trends, administer our Sites, track users’ movement around our Sites, and gather information.
- Cookies and Other Tracking Technologies.
- Analytics Services.
Our Sites may use the tools described below (the “Analytics Services”) to collect information about use of our Sites, such as how often users visit our Sites, what pages they visit when they do so, and what other sites they used prior to visiting our Sites. We use the information we collect from the Analytics Services to maintain and improve our Sites and our products and services. The AnalyticsS we use include:
- Anonymous Information.
Anonymous Information refers to information that does not enable identification of an individual user, such as aggregated or demographic information about users of our Sites. We may use Anonymous Information or disclose it to third party service providers in order to improve our Sites and enhance your experience with our Sites. We may also disclose Anonymous Information (with or without compensation) to third parties, including advertisers and partners.
What are cookies?
Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing when you visit a website. Some cookies are deleted once you close your browser or application (session cookies), while other cookies are retained even after you exit so that you can be recognized when you return (persistent cookies).
Cookies used on our Sites are generally divided into the following categories:
- Essential cookies: These are cookies that are required for the operation of our Sites, such as cookies that enable you to log into secure areas.
- Analytics cookies: These are cookies that automatically collect information about your use of the Sites. These help us understand how many people are using our Sites and how they navigate through it. These cookies record only anonymous statistical data, not Personal Information. As mentioned above, we use Google Analytics and FullStory to analyze user behavior, so these third parties will place these types of cookies on our Sites.
- Functional cookies: These are cookies that remember choices that you make when you visit our Sites, such as language options. They help to make your visit more personal.
- Targeting cookies: These are cookies that record your visit to our Sites, the pages you visit, and the links you followed. They will recognize you as a previous visitor to the Sites, and track your activity on our site and other websites you visit.
What are your choices regarding cookies?
Most web browsers automatically accept cookies, but you can usually change your settings to prevent that, such as by having your device warn you each time a cookie is being sent or choosing to turn off all cookies. This can be done through your web browser settings, and because each browser is different, you should look at your browser’s “Help” menu to learn how to modify your cookie settings. You can also learn more how to opt out of targeted behavioral advertising from many major third party network advertisers by reviewing the information here and here.
If you do disable cookies from your browser you may not be able to access certain sections of the Sites that use essential cookies, and this may make your experiences on the site less efficient.
- YOUR RIGHTS REGARDING YOUR INFORMATION
You may choose not to receive future promotional, advertising, or other Sites-related emails from us by selecting an unsubscribe link at the bottom of each email that we send. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “Contact Us” request as well as administrative emails (for example, in connection with a password reset request) that are necessary to facilitate your use of our Sites and notifications regarding your orders.
Correcting and Updating Information.
If you are a registered user of our Sites, you can access and edit your Account Information online by clicking the “My Account” button on the Sites. You may also have any Personal Information you have provided revised by sending us an email to firstname.lastname@example.org.
As noted above, we have standard retention practices with respect to the Personal Information we collect. If you would like to request any earlier removal of your Personal Information, you can email us at email@example.com. Please note that we may not be able to completely remove Personal Information from our systems in certain circumstances. This will be true if the data is not in searchable format, if it is retained in backup systems or cached or archived pages, if we need it in order to prevent fraud or future abuse, or if we are required by law to keep it.
- CALIFORNIA PRIVACY DISCLOSURES.
California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. It permits users that are residents of California to request the following information regarding our disclosure of your Personal Information to third parties for those third parties’ direct marketing purposes (a) a list of certain categories of Personal Information that we have disclosed to certain third parties for their direct marketing purposes during the immediately preceding calendar year; (b) the identity of certain third parties that received Personal Information from us for their direct marketing purposes during that calendar year; and (c) examples of the products or services marketed (if we have that information). To make such a request, please send an email to firstname.lastname@example.org. Please note that we are only required to respond to one request per customer each year.
In addition, if you are a California resident under the age of 18 and a registered user, California Business and Professions Code Section 22581 permits you to remove content or Personal Information you have publicly posted. If you wish to remove such content or Personal Information and you specify which content or Personal Information you wish to be removed, we will do so in accordance with applicable law. Please be aware that after removal you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Information you have posted and that there may be circumstances in which the law does not require us to enable removal of content.
- ADDITIONAL RIGHTS APPLICABLE TO EU PERSONS.
- Right to Access – this is the right to request copies of your Personal Information from us.
- Right to Correct – this is the right to have Personal Information corrected if it is accurate or incomplete.
- Right to Erasure – this is the right to ask us to delete or remove your Personal Information from our systems.
- Right to Restrict Use – this is your right to block us from using, or to limit the ways we can use, your Personal Information.
- Right to Data Portability – this is your right to request that certain of your Personal Information be transferred to a different provider.
- Right to Object – this is your right to object to our use of your Personal Information, including when we use it for our legitimate interests, including for marketing purposes.
If you have questions relating to the above rights, you can contact us at email@example.com.
If you are not satisfied with how we have responded to any request you make regarding the above rights, you may be able to raise your complaint with the Data Protection Authority in your jurisdiction. You can find your national Data Protection Authority here.
For purposes of the GDPR, if you are located in the EU, the Data Controller of the information you provide is IM Pro Makeup NY LP, 110 Greene St., Suite 305, New York, NY USA 10012. Our Data Protection Officer may be contacted at Boaz@ilmakiage.com;
If you are located in the United Kingdom or the European Union, you may contact Achieved Compliance Advocacy, our appointed representative in the UK and the EU, at the following addresses:
By email: firstname.lastname@example.org
By mail: Achieved Compliance Advocacy, Ltd. C/o Renata Kloss Singel 250, 1016 AB Amsterdam, Netherlands
By email: email@example.com
By mail: Achieved Compliance Advocacy, Ltd. C/o Robert Cain 40 Oxford Road, High Wycombe, Buckinghamshire, UK HP11 2EE
- HOSTING OF OUR SITES
We do not ourselves host any of our Sites – all hosting is done by third party service providers that we engage. This means that data you provide us or that we collect from you (including any Personal Information) is hosted with such third party service providers on servers that they own or control. Regardless of where such third party service providers are located (and some are located in the US), their servers may be located anywhere in the world (including the US). Your data may even be replicated across multiple servers located in multiple countries. So please be aware that you are consenting to your data being transferred to various third party service providers around the world (including the US).
- VISITING OUR SITES FROM OUTSIDE THE UNITED STATES
If you are from the EU or are located in the European Economic Area (EEA), we are required to give you information about the transfer of your information outside the EEA. If this applies to you, whenever you voluntarily give us your Personal Information, you should understand that your information will be sent by you to the United States, a jurisdiction that does not provide the same framework for the protection of Personal Information as the EEA. By sending us your Personal Information, you are expressly consenting to the transfer by you of information from your location within the EEA to our servers in the United States.
In addition, if we send any of your Personal Information to servers located within the EEA, if we then transfer your Personal Information from those servers to areas located outside of the EU, we will adopt adequate measures as required by the GDPR (for example, the adoption of standard contractual clauses between us and the recipient).
- OUR SECURITY MEASURES.
We take your Personal Information’s security very seriously. We strive to follow generally accepted industry practices, including the use of administrative, physical and technical safeguards designed to protect the Personal Information submitted to us. This includes our use of Secure Socket Layer (SSL) technology, which creates an encrypted link between our web server and your browser, and provides a secured path of communication to ensure the information remains protected and private.
We also do not partner with, or have any special relationships with spyware, which is software used for collecting information about users without their knowledge or prior consent. Furthermore, we dedicate major efforts in order to ensure that our Sites and your Personal Information are secured, and that there is no spyware activity on our Sites.
However, no method of transmission over the Internet, or method of electronic storage or other security procedure, is 100% secure. Therefore, while we endeavor to use reasonably acceptable means to protect your Personal Information, we cannot guarantee its security or confidentiality. If you have any questions about security on our Sites, you should contact us at firstname.lastname@example.org.
- LINKS TO AND INTERACTION WITH THIRD PARTY PRODUCTS.
- CHILDREN’S PRIVACY
Our Sites are not structured to attract children under the age of 13 years. Accordingly, we do not intend to collect Personal Information from anyone we know to be under 13 years. If we learn that we have collected Personal Information from a child under 13 years, we will delete that information as quickly as possible. If you believe that we might have any such information, please contact us at email@example.com.
- DO NOT TRACK NOTICE
We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about an individual consumer’s online activities over time and across third-party web sites or online services.
- QUESTIONS REGARDING OUR PRIVACY PRACTIVES