- Scope of This Policy
- Agreement to Terms
- Information We Collect
- Children’s Privacy
- Our Use of Personal Information
- Our Disclosure of Personal Information
- Your Privacy Choices
- Additional Disclosures for Residents of the European Union (EU) and United Kingdom (UK)
- Additional Disclosures for Residents of Canada
- Additional Disclosures for Residents of Australia
- Links to Other Websites
- How to Contact Us
2. Agreement to Terms
3. Information We Collect
The information we may collect depends on how you interact with us as detailed below.
Information Collected by Visiting Our Sites
- Device information. We collect device information when you visit our Sites. Device information may include your computer or mobile device type, browser type, unique identifiers, IP address, and geolocation information.
- Interaction with our Site. We may collect information concerning your interaction with our Sites, including when you access one of our Sites and your browsing activity on the Site (such as which pages you visit, in what order, and for how long). This may include “traffic” data or tracking information provided by the Site’s host or similar providers (e.g., Google Analytics) that may be helpful for marketing purposes or for improving the Service.
Information We Collect From Our Customers
We offer skin care products for sale at wholesale and so our customers are typically business entities. As such, the personal information we collect from them is limited and generally relates to the business contact information for our customers’ owners, officers, and/or employees. In particular, this information may include:
- Identifiers. We may collect the name and signature of our customers’ authorized representatives (e.g., owner, director, officer, partner, or shareholder). We may also collect login credentials for customers’ authorized representatives or employees that establish an account with us. You also have the option to create an account using other credentials like your Facebook, Instagram, or Twitter account. If you choose to do so, information like your name, email address, language preference, and encrypted credentials will be shared with us.
- Business information. We may also collect business contact details for our customers’ authorized representatives and/or employees. This includes the authorized representative’s or employee’s name and title as well as the business address, business email address, and business phone number.
- Payment information. In the event a customer makes payments using a credit card issued in the name of the customer’s authorized representative or employee, we collect the name of the cardholder and credit card number, expiration date, and CVV code.
5. Children’s Privacy
The Service is not intended for users under the age of 13 and DermOQ does not knowingly collect personal information from individuals under the age of 13. If you are aware of, or suspect that, someone under the age of 13 is using the Service without permission, please notify us immediately by contacting us as detailed below. If you have questions or concerns about the Internet and privacy for your child, we encourage you to check out the FTC Guidelines for protecting your child’s privacy online.
6. Our Use of Personal Information
We collect and use personal information for the following purposes:
- Providing the Service to you and providing products or services requested by, or reasonably anticipated within the context of our relationship with, you;
- Managing our relationship with you;
- Responding to your inquiries or requests, and requesting feedback;
- Administering promotions, events, or surveys;
- Providing promotional material or other marketing materials that we believe will be of interest to you;
- Tracking use of your username and password to access our Sites and your shopping cart;
- Personalizing our Sites (e.g., displaying your name when you login to our Site);
- Analyzing use of our Sites;
- Tailoring advertisements to what we believe will be of interest to you;
- Detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activity, or prosecuting those responsible; and
- Complying with legal and regulatory obligations.
7. Our Disclosure of Personal Information
DermOQ may share your personal information with the following third parties:
- Service providers, including hosting providers and IT outsourcing, payment processors, shipping providers, and marketing providers. In some instances, service providers will be directly responsible to you for their use of your personal information. They may be obliged by law to provide you with additional information regarding the personal information that they hold about you and how and why they process that information. Further information may be provided to you in a separate notice or may be obtained from such service providers directly, for example, via their websites.
- Advertising networks to provide you with relevant marketing.
- Advisers and financial institutions, including auditors, notaries, business continuity support service providers, and legal, tax, and risk and compliance advisors.
- Where permitted by applicable laws, with third parties in connection with a corporate restructuring, sale, transfer, or assignment of assets or business merger, divestiture, or other changes to the control or financial status of the company.
- Government bodies, dispute resolution organizations, law enforcement agencies, or third parties in connection with (a) responding to a subpoena, search warrant, or other lawful request for information we receive; (b) cooperating in a law enforcement or similar investigation; or (c) otherwise protecting our rights, as applicable.
8. Your Privacy Choices
By logging into your account, you can update or delete information in your account. If you wish to delete your account, you may contact us at the contact details in the How to Contact Us section below. When you update or delete your information or account, we may maintain a copy of the information in our internal records and you may be able to re-activate your account by contacting us at the contact details in the How to Contact Us section below.
If you no longer want to receive our newsletter, emails, or other marketing communications, you may unsubscribe at any time by following the unsubscribe options in the communication itself.
Please note that you cannot unsubscribe from certain correspondence from us, including messages relating directly to your account or purchases placed through one of our Sites.
We maintain reasonable technical and organizational measures to protect personal information from loss, misuse, alteration, or unintentional destruction. We have implemented various security measures to protect both the personal information and the general information that we receive from you through the Service. Whenever you give out personal information online there is a risk that third parties may intercept and use that information. Although we seek to protect your personal information and privacy, we cannot guarantee the security of any information you disclose online. To the extent permitted under applicable law, we assume no liability or responsibility for disclosure of your information due to errors in transmission, unauthorized access by third parties, or other causes beyond our control.
You play an important role in keeping your information secure. You should not share your username or password with anyone. If you have reason to believe that your account is no longer secure, please contact us immediately at the information in the How to Contact Us section below.
10. Additional Disclosures for Residents of the European Union (EU) and United Kingdom (UK)
This section provides additional information for residents of the EU and UK.
As a US company, most of our operations are conducted in the United States and in order to provide the Service, personal information will be processed in the United States, where laws regarding processing of personal information may be less stringent than the laws in your country. We provide appropriate protections for cross-border transfers as required by applicable law for international data transfers. With respect to transfers originating from the European Economic Area, we implement the standard contractual clauses approved by the European Commission.
Retention of Your Personal Information
We retain personal information for as long as necessary to fulfill the purposes for which the information was collected; as needed to address tax, corporate compliance, employment, litigation, and other legal rights and obligations; and as otherwise permitted by law.
Legal Basis for Processing Your Personal Information
Where required, we have several different legal grounds on which we collect and process your personal information for the purposes set out in the Our Use of Personal Information section above, including: (i) as may be necessary to perform a contract with you; (ii) as necessary to comply with a legal obligation; (iii) consent (where consent has been provided as appropriate under applicable law); and (iv) as necessary for our legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of the Service).
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or that otherwise significantly affects you.
As available and except as limited under applicable law, individuals in the EU and UK have the rights described below:
- Access. You have the right to request a copy of the personal information we are processing about you, which we will provide to you in electronic form.
- Rectification. You have the right to require that any incomplete or inaccurate personal information that we process about you is amended.
- Deletion. You have the right to request that we delete personal information that we process about you, unless, for example, we are required to retain such information to comply with a legal obligation or to establish, exercise, or defend a legal claim.
- Restriction. You have the right to request that we restrict our processing of your personal information where: (i) you believe such data to be inaccurate; (ii) our processing is unlawful; or (iii) we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
- Portability. You have the right to request that we transmit the personal information we hold with respect to you to another data controller.
- Objection. Where the legal justification for our processing of your personal information is our legitimate interest, you have the right to object to such processing on grounds relating to your situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data to establish, exercise, or defend a legal claim.
- Withdrawing Consent. If you have consented to our processing of your personal information, you have the right to withdraw your consent at any time, free of charge. Please note that if you withdraw your consent, this will not affect the lawfulness of our use and processing of your information based on your consent before the point in time when you withdraw your consent.
Some rights may be limited, and we may need to retain certain personal information, as required, or permitted by applicable law. To inquire about or exercise the rights listed above, at any time, contact us at firstname.lastname@example.org with the subject line “EU Privacy” so that we can get your email to the right team. We will respond to your request consistent with applicable law.
If you feel that your request or concern was not satisfactorily resolved by us, you have the right to lodge a complaint with your local data protection authority.
11. Additional Disclosures for Residents of Canada
This section contains additional disclosures for residents of Canada. If you wish to access, update, and/or correct inaccuracies in your personal information or change your consent preferences, you may log into your account or contact us at email@example.com with the subject line “Canada Privacy” so that we can get your email to the right team. You may also contact us for information about how foreign-based service providers process your personal information or if you have any questions or complaints about the manner in which we treat your personal information.
We retain personal information for as long as necessary to fulfill the purposes for which the information was collect; as needed to address tax, corporate compliance, employment, litigation, and other legal rights and obligations; and as otherwise permitted by law.
12. Additional Disclosures for Residents of Australia
If you are resident of Australia, you have the right to access the personal information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access or update/correct your personal information, you can log into you account or you may contact us at firstname.lastname@example.org with the subject line “AU Privacy” so that we can get your email to the right team. We will respond to your request consistent with applicable law.
As a US company, most of our operations are conducted in the United States and to provide the Service, personal information will be processed in the United States. When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information.
If you have any questions or wish to lodge a complaint, you may do so by contacting us at the information in the How to Contact Us section below. If you submit a complaint, we will investigate your complaint and determine the steps that we will take to resolve it. We will contact you if we need any additional information from you and will notify of the outcome of the investigation.
13. Links to Other Websites
For your convenience, we may link to third-party sites and services, or otherwise display third-party content through our Site to provide increased value to our visitors. We have no control over these linked sites, each of which has separate privacy and data collection policies and practices independent from us. As such we have no responsibility or liability for these independent policies or actions and are not responsible for the privacy practices or the content of any such websites. Please note that these other sites may send their own cookies to users, collect data, or solicit personal information, and we encourage you to review their policies before engaging with these third-party sites.