We use your Personal Information for the following:
- Providing and improving the Service;
- To sell physical products;
- To see digital products;
- To sell services;
- To inform you about our new products, brands, and offerings; and
- To facilitate commercial and ecommerce transactions between us and you.
Section 1 – How is Personal Information Collected
Your personal information is voluntarily provided by you through submitting various forms throughout our website including, but by no means limited to:
- Inquiring about our specific product offerings;
- Submitting an order to purchase products;
- Inquiring about additional information about our various educational offerings;
- Subscribing to one of our newsletters lists;
- Responding to a survey;
- Opening up a support ticket; and
- Providing us with feedback on our products or services
Section 2 – Information Collection And Use
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, the following:
- Identifiable Information: Such as your name, email address, phone number, and/or postal address;
- Professional/Occupational Information: such as your professional state cosmetology license status, cosmetology license number, governing authority that issues your cosmetology license, occupation, relation to the salon industry; and
- Financial Related Information: such as credit card information to complete payment for products that you may have ordered, place of employment to help further verify that you are a “Salon Professional” as defined in our Terms and Conditions; and
- Other information; Personal Information that may relate to, but by no means be limited to, surveys, contests, product reviews, and comments that you may make from time-to-time on our website.
We have determined that collecting this information gives us the best chances for success of providing the highest quality service through identifying and communicating with you, responding to your requests/inquiries, updating you on new products or revisions to product instructions, servicing your purchase orders, and continually improving our services. This information also enables us to personalize the website experience, facilitate ecommerce transactions, and to send periodic communications through emails, phone calls, or text messaging.
Section 3 – Express Written Consent for Email and Telemarketing
By your voluntarily providing your personal information through the Website, you are providing expressed written consent to receive marketing text messages. We do not now, but could may in the future, use an automatic telephone dialing system to deliver our text messages and/or pre-recorded voicemail messages to leave a message for you if you happen to be unavailable when we call. If you provide your express written consent to receive calls, text messages, or emails by providing us with accurate phone numbers or email addresses, you may receive telemarketing calls or text messages at the phone number provided, or emails at the email address provided regarding products and/or services. You providing such express written consent is not required to purchase goods or services and users are welcome to use our live customer service chat system to facilitate such purchases o good or services without providing express written consent to being contacted by us.
We do not share any of your personal information with any third party and your express written consent to being contacted by us is limited to only being contacted by our company relating to products, services, offerings, or news related to our company or the Salon Industry in general.
Section 4 – Revocation of Consent
We will never take any steps to limit or impede anyone’s right to revoke their express written consent to receive communication from us and will accept any reasonable form of notice of a person’s revocation of consent including, but by no means limited to, the following:
- Text Response: Replying “Stop”, “Don’t text me anymore”, “Take me off your list” or any similar language that a reasonable person would understand to mean that you do not want to receive text messages from us anymore. We do not use “short code” or “automated systems” so all of our inbound text messages are read, answered, and processed by the same human being that the full mobile number sending the text message had been assigned to.
- Via Toll Free Phone Call: to our Compliance Officer at (888) 213-4744 x108
- By Written Request: In a letter mailed Simply Organic, Attn: Compliance Officer, 35095 US 19 North, Suite 200, Palm Harbor, FL 34684.
- Via Email: sending an email, including any and all phone numbers (and email addresses) which you would like to revoke your consent to receive communication from us (or unsubscribe to receiving email from us).
- Communicating the Revocation of Consent to the caller: During a caller’s conversation, giving any indication such as “take me off your list” or “I’d like to revoke my consent to being contacted by you” will immediately end the conversation while the caller verifies all phone numbers and email addresses we have related to your account and confirm your wishes with each.
We not only comply with the “Federal Do Not Call List”, but also maintain our own internal “Do Not Call” database.
Please note that we will similarly take no steps to limit or impede any person’s intention of unsubscribing from our double-opt-in email list. However, the fastest, most thorough, and easiest way to accomplish this is simply clicking on the “Unsubscribe” link located at the bottom of each email.
By submitting your personal information to us, you agree that such act constitutes an inquiry and/or application for purposes of the Amended Telemarketing Sales Rule (16 C.F.R. § 310 et seq.), as amended from time to time (the “ATSR”) and applicable state do-not-call regulations. As such, notwithstanding that your telephone number may be listed on the Federal Trade Commission’s Do-Not-Call List, and/or on applicable state do-not-call lists, Company and/or third-parties receiving your information as provided herein retain the right to contact you via telemarketing in accordance with the ATSR and applicable state do-not-call regulations. However, we will always make every commercially reasonable effort to comply to a person’s wish to not contact and respect the databases of third-party “Do Not Call” lists that we are aware of and have access to.
Where you provide “prior express written consent” within the meaning of the Telephone Consumer Protection Act (47 U.S.C. § 227), and its implementing regulations adopted by the Federal Communications Commission (47 C.F.R. § 64.1200), as amended from time-to-time (the “TCPA”), you consent to receive telephone calls, including artificial voice calls, pre-recorded messages and/or calls (including SMS text messages) delivered via automated technology, to the telephone number(s) that you provided. You are not required to consent to such telemarketing as a condition of purchasing any property, goods or services; you may revoke such consent at any time. Standard text message rates will apply.
Section 5 – Can Spam Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions.
- Process orders and to send information and updates pertaining to orders
- We may also send you additional information related to our products and/or services.
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com
Section 6 – Communications Agreement
To ensure that consumer’s inquiries are handled promptly, courteously, and accurately, some of the phone calls between you and us or any of our may be monitored and recorded by us for quality control purposes and to enhance service to you. By providing us with your accurate phone number, you acknowledge and consent to this monitoring and recording.
Section 7 – Protection of Personal and Financial Information
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning as well as independent third-party monitoring services.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a PCI compliant third-party gateway provider and are not stored or processed on our servers.
Section 8 – Cookies
Section 9 – Third Party Disclosures
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Section 10 – Google
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We have implemented the following:
- Remarketing with Google AdSense
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
We along with third-party vendors, such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions, and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
Section 11 – California Online Privacy Protection Act
According to CalOPPA we agree to the following:
- Users can visit our site anonymously
- Users are able to change their personal information: by calling us at the number displayed on our “About Us” page or via online chat with us or sending us an email.
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third party behavioral tracking?
It’s also important to note that we allow third party behavioral tracking
Section 12 – COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
Section 13 – Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify the users via email within 7 business days
- We will notify the users via in site notification within 1 business day
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
Section 14 – Log Data
We may also collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Service’s functionality. These third party service providers have their own privacy policies addressing how they use such information.
Section 15 – Behavioral Remarketing
- GoogleGoogle AdWords remarketing service is provided by Google Inc.You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/adsGoogle also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
- FacebookFacebook remarketing service is provided by Facebook Inc.You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950To opt-out from Facebook’s interest-based ads follow these instructions from Facebook: https://www.facebook.com/about/ads/#568137493302217Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
Section 16 – Service Providers
We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services and/or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Information only to perform specific tasks on our behalf and are obligated not to disclose or use your information for any other purpose.
Section 17 – Communications
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us as described in more detail above.
Section 18 – Compliance With Laws
We will disclose your Personal Information where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
Section 19 – Business Transaction
Section 20 – Security
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.
However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
Section 21 – International Transfer
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there.
Section 22 – Links To Other Sites
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Section 23 – Children’s Privacy
Only persons age 18 or older have permission to access our Service. Our Service does not address anyone under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you learn that your Children have provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a child under age 13 without verification of parental consent, we take steps to remove that information from our servers.
Section 25 – Contact Us
Attn: Compliance Officer
35095 US 19 North, Suite 200
Palm Harbor, FL 34684
+1 (888) 213-4744
SECTION 26 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 27 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.Google analytics:
Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at.
SECTION 28 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 29 - COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
- session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits.
- shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- secure_session_id, unique token, sessional storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access. PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where.
SECTION 30 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 32 - QUESTIONS AND CONTACT INFORMATIONIf you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at
Simply Organic Beauty
[Re: Privacy Compliance Officer]
35095 US 19 North Palm Harbor, FL 34684