- INFORMATION COLLECTED BY THE SITE TO CONDUCT TRANSACTIONS
We will collect the information required to perform any transaction requested by you, including registering for a Site account, subscribing to a mailing list or our newsletter, participating in promotions, purchasing products offered on the Site, responding to questions or comments you may have and for any other purposes with your consent. This information may include information such as, among other items, your name, shipping address, billing information, email address, telephone number, credit card information or other payment information. When you make a purchase or otherwise utilise the Site, we may need to provide your information, including the information indicated above, to certain third-party service providers. Such third-party service providers include Shopify.com (“Shopify”), product manufacturers, shipping companies, parties used in the sending of postal mail or emails, accounting and record keeping functions, advertisements and other web-based services. Your information is disclosed to such third-party service providers only as necessary and solely to complete the transaction for which they have been engaged by us. Such third-party service providers will have access to your information for the limited purpose of completing their intended function, but they may not use it in connection with or for any other purpose.
- OTHER INFORMATION COLLECTED BY THE SITE
The Site automatically collects information as you navigate through the Site. Information collected automatically may include Internet Protocol addresses, details relating to your use of the Site and information collected through cookies and other tracking technologies. This information collected is generally statistical data and does not identify you specifically. This information is used by us to improve the Site and to deliver better service to the Site's users.
- USE OF INFORMATION COLLECTED BY THE WEBSITE
The information we collect is used to provide a variety of services and improvements for our customers. The data is used to process your purchases, send you opted-in promotional materials, create and manage your online account, effectively respond to your inquiries and questions, communicate with you about our social networks, events, promotions, request feedback, and provide surveys. We also use the information to notify you about changes to our Site, products and the services we provide to our customers. We do not sell or provide your information for third-party direct marketing purposes. We respect our customer's data and relationship.
- MANAGING YOUR INFORMATION
You may, of course, decline to submit personally identifiable information through the Site, in which case we may not be able to provide certain products or services to you. You may update, correct, or delete your account information at any time by logging into your account or by contacting us as provided in the “Contact Us” section below.
- OPT-OUT POLICY
We may use your email address to send you notices regarding matters, including the Site (including any notices required by law, in lieu of communication by postal mail). If you do not want to receive these messages, you can opt out by following the instructions included in the email message or by emailing us at firstname.lastname@example.org. If you correspond with us by email, we may retain the content of your email messages, your email address and our responses.
We have the right to disclose statistical or aggregated data (but in no event information which may personally identify you, referred to hereafter as "personal information") in our discretion and without restriction. We may disclose personal information which we have collected (a) as may be expressly permitted by you, (b) to our related companies and service providers to perform a business or technical support function for us, (c) as we deem necessary to enforce the Site's Terms of Service, (d) to comply with any court order, law or legal process, including to respond to any government or regulatory request or otherwise as required by law, and (e) in connection with the sale of Anasa Skin (whether by merger, sale of our assets, sale of stock, or otherwise).
The Site is hosted on Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. Shopify stores your data on a secure server behind a firewall. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by the Site and its service providers.
- THIRD-PARTY SERVICES
When you click on links on the Site, they may direct you away from the Site. We are not responsible for the privacy practices of other sites and encourage you to read their Privacy Policies.
- TEXT MARKETING:
Text Marketing and notifications: By subscribing to text notifications you agree to receive recurring automated marketing messages at the phone number provided. Consent is not a condition of purchase. Reply STOP to unsubscribe. HELP for help. Msg & Data rates may apply.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. We follow all PCI-DSS requirements and implement additional generally accepted industry standards. In addition, Shopify reviews its business practices periodically for compliance with policies and procedures governing the security and confidentiality of our information. Nevertheless, no data transmission over the Internet is 100% secure. Accordingly, while we strive to protect your personal information and privacy, we do not warrant or guarantee the security of any information you disclose or transmit to us while using the Site, and we shall not be liable for the theft or inadvertent disclosure of your personal information. We assume no liability for any disclosure of data due to errors in transmission, unauthorized third-party access or other acts of third parties, or acts or omissions beyond our reasonable control.
When you use the Site, we may send one or more “cookies” – a small data file – to your computer to uniquely identify your browser and let us help you log in faster and enhance your navigation through the Site. A cookie may convey to us anonymous information about how you browse the Site. A persistent cookie remains on your hard drive after you close your browser so that it can be used by your browser on subsequent visits to the Site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. Below is a list of cookies that we use. We have listed them here so that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc.).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by our Site’s provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
- CHILDREN UNDER THE AGE OF 13
The Site is not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 13. If you are under 13, do not (a) use this Site or any of its features, (b) register on the Site, (c) make any purchases through the Site, or (d) otherwise provide any information about yourself to us, including your name, address, telephone number, email address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will immediately delete that information. If you believe we might have any information from or about a child under 13, please contact us as provided in the "Contact Us" section below.
- SOUTH AFRICAN PRIVACY RIGHTS
Under South African law, there exist certain requirements governing an operator of a website or online service that collects personally identifiable information about consumers in South Africa. South African law requires such operators to disclose how the operator responds to web browser "do not track" signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about an individual consumer's online activities over time and across third-party websites or online services, if the operator engages in that collection. At this time, we do not track our customers' personal information over time and across third-party websites and, therefore, we are not able to respond to “do not track” requests. South African law also requires such operators to disclose whether third parties may collect personal information about their users' online activities over time and across different sites when the users use the operator's website or service. Third parties that have content or services on the Site (such as a social feature, analytics service, or an advertising network partner) may obtain information about your browsing or usage habits but this information does not include personal information. We do not knowingly permit such third parties to collect any personal information from the Site, for direct marketing purposes or otherwise, unless you directly provide it to us and we provide it to them with your consent.
- USE OF FACEBOOK PIXEL AND FACEBOOK CONVERSIONS API
We use the “visitor action pixels” from Facebook Inc. (1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) (“Facebook”) on our website.
This allows your behavior to be tracked after you have been redirected to our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, and we do not see the personal data of individual users.
We also use Facebook’s Conversions API. Data is shared using your web browser and from Shopify’s servers, and is sent directly to Facebook’s servers. Data sent from server to server cannot be blocked by browser-based ad blockers. Your personal information will be used to match users on Facebook’s network. The information collected using this setting includes your name, location, email address, and phone number, as well as your browsing behavior on our online store. Anasa Skin uses this information for its legitimate interests to measure customer actions, improve the accuracy of information sent for targeting, measurement, and optimization, and for more control over data sharing. You agree that Anasa Skin can collect this data through the Facebook Conversions API platform for these purposes.
The legal basis for this use is Article 6, paragraph 1, sentence 1, letter f of the GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Facebook is certified under the Privacy Shield Agreement (https://www.facebook.com/about/privacyshield) and thus guarantees compliance with European data protection legislation.
- INTERNATIONAL DATA TRANSFER
- IMPACT OF SALE OR MERGER
- YOUR CONSENT
- QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact our Privacy Compliance Officer at the following:
ATTN: Privacy Compliance Officer
Last updated: July 20, 2021