Effective date: July 7, 2020
This policy also applies to any service providers collecting, using or disclosing personal information on behalf of Ella Bliss Beauty Bar.
SECTION 1 – COLLECTION AND USE
We will only collect personal information that is necessary for fulfilling an identified purpose.
For example, when you book an appointment online, as part of the reservation process we collect the personal information you give us, such as your name, address, email address, telephone number, and credit or debit card number. We, and our third-party service providers, use this information to, among other things:
guarantee and process a reservation, as well as provide our services;
send you our newsletters, coupons, updates, reminders, related email marketing, and other information;
ensure a high standard of service to you;
meet regulatory requirements; and,
Send SMS updates, appointment reminders, and special marketing promotions.
There are times when you may provide information to us voluntarily. This occurs when you provide feedback to us through emails, return forms, letters, telephone calls, sign up for text messaging, or enter a sweepstakes, contest, or promotion in which Ella Bliss Beauty Bar is the sponsor or is a promotional partner with the third-party sponsoring the sweepstakes, contest, or promotion. We use this information to respond to your query, to keep track of customer feedback, to add you to Ella Bliss Beauty Bar’s email mailing list (please see the information on how to opt out below) and to improve our service to customers.
Even if you do not make a purchase on our site or book an appointment, we have the ability to track your usage of our website, including what pages you visit, what products you view, and the third-party sites that led you to our site. This information is not used to track information about individuals but is used (i) at an aggregate level to customize our site, improve the online experience, and plan advertising and promotions, and (ii) to target advertising (see below regarding behavioral remarketing). When you browse our online website, we also automatically receive your computer’s Internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
SECTION 2 – CONSENT
Except as otherwise provided herein, we will obtain your consent to collect, use or disclose personal information.
Consent can be provided orally, in writing, or electronically, or it can be implied where the purpose for collecting, using or disclosing the personal information would be considered obvious and you voluntarily provide personal information for that purpose. For instance, when you provide us with personal information to complete a transaction or verify your credit card, we infer that you consent to our collecting it and using it for that specific reason.
Where applicable under law, consent may also be implied where you are given notice and a reasonable opportunity to opt-out of having your personal information being used for a purpose, and you do not opt-out.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your express consent, or provide you with an opportunity to say no. If, after opting-in to our marketing list, you no longer wish to be contacted, you may withdraw your consent by clicking the “unsubscribe” option in the email message.
If you opt to download the Ella Bliss mobile app and set your preference to allow push notifications, you will receive periodic promotions and specials as an app notification. You may elect to not receive these notifications by updating your notification preferences for the Ella Bliss app on your mobile phone. Ella Bliss gathers location information from our mobile application from those who give us permission to do so. This information is used only by Ella Bliss and will never be shared or sold to any third parties.
If you consent to receive text messages, you will receive auto-dialed appointment confirmations and reminders in addition to marketing or promotional texts. Message and data rates may apply, check with your cellular or data carrier for information. Appointment confirmations and reminders will be based on the number of appointments you make. Consent to get text messages is not required/not a condition for purchase of goods or services. You can opt out of receiving text messages. To stop receiving text messages, reply STOP.
Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), you can withhold or withdraw your consent. Your decision to withhold or withdraw your consent to certain uses of personal information may restrict our ability to provide a particular service or product. If so, we will explain the situation to assist you making the decision.
We may collect, use or disclose personal information without your knowledge or consent in certain limited circumstances, including:
When the collection, use or disclosure of personal information is permitted or required by law;
In an emergency that threatens the life, health, or personal security of any person;
When the personal information is available from a public source (e.g., a telephone directory);
When we require legal advice from a lawyer;
For the purposes of collecting a debt or to protect ourselves from fraud;
To investigate an anticipated breach of an agreement or a contravention of law;
If our company is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to provide products and services to you.
SECTION 3 – DISCLOSURE
Except as otherwise provided herein, Ella Bliss Beauty Bar does not sell or otherwise share your personal information with anyone else, such as advertising agencies or marketing companies. We only send marketing information to those customers who specifically sign up for our mailing list or otherwise opt in to receive such information. Marketing information sent by Ella Bliss Beauty Bar may be sent by us as part of a cross-promotion or other collaboration with other companies or brands, but we do not disclose personal information to such companies or brands.
Ella Bliss Beauty Bar will share your personal information internally with those staff members who need it to complete your purchase or carry out your instructions regarding the receipt of marketing information. Authorized Ella Bliss Beauty Bar service providers may also have access to this information in order to carry out their responsibilities directly connected with the processing of your purchases, detection and prevention of fraud and abuse, or handling of customer service issues. Outside of these activities, we will not disclose your personal information to any third party without your written consent unless required to do so by law.
SECTION 4 – Third-Party Booking Service
We do not currently retain credit card numbers internally. Instead, our third-party booking service and payment processor receives, stores and processes all credit and debit card payments. We require them to treat your personal information in at least as secure a manner as we do. For instance, we require that they store your data on a secure server behind a firewall and that they encrypt your credit card data in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our online store and its service providers.
SECTION 5 – SECURITY
Ella Bliss Beauty Bar uses a number of security measures to ensure that your personal information is appropriately protected, including:
Examples include: the use of locked filing cabinets; physically securing offices where personal information is held; the use of user IDs, passwords, encryption, firewalls; restricting employee access to personal information as appropriate (i.e., only those that need to know will have access; contractually requiring any service providers to provide comparable security measures)
To be sure you’re browsing securely during a transaction, check your web browser’s status or address bar for the closed padlock icon. This icon indicates that you are viewing a secure web page. Also, all browsers display an “s” after the “http” (https://) in the website address to indicate that you are in a secure environment.
Your credit card information is encrypted using SSL and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, our service providers follow all PCI-DSS requirements and implement additional generally accepted industry standards. All computer and network equipment is configured in accordance with PCI-DSS compliance requirements.
We will use appropriate security measures when destroying your personal information such as secure shredding documents and deleting electronically stored information.
SECTION 6 – COOKIES
Ella Bliss Beauty Bar, as with many other websites, makes use of “cookies” to help deliver a better customer shopping experience. Cookies are alphanumerical identification elements that we transfer to the hard drive of your computer via your web browser. They enable our systems to recognize your browser and to offer you value-added services, such as saving the contents of your shopping basket and to deliver a more personalized shopping experience.
The type of information we collect as a result of a cookie being accepted by you is specific to your PC and includes the IP address, the date and time the PC visited the website, what parts of our website were looked at and whether the web pages requested were delivered successfully. This information represents a computer rather than a person.
You can erase or block this information by changing the settings on your computer (please refer to your help screens or manuals). If you do erase or block this information you may not be able to utilize some features of the website.
SECTION 7 – AGE OF CONSENT
This website, mobile app and our online store is not intended for use by person under the age of majority in their jurisdiction. By using these sites and mobile app, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any minors under your care to use these sites and mobile app.
SECTION 9 – ACCESS TO YOUR PERSONAL INFORMATION
You have a right to access your personal information.
A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to our Privacy Compliance Officer, who can be reached at the contact information below.
Upon request, we will also tell you how we use your personal information and to whom it has been disclosed if applicable.
We will make the requested information available within 30 business days or provide written notice of an extension where additional time is required to fulfill the request.
A minimal fee may be charged so that we can recover the cost of providing access to personal information. Where a fee may apply, we will inform you of the cost and request further direction from you on whether or not we should proceed with the request.
If a request is refused in full or in part, we will notify you in writing, providing the reasons for refusal and the recourse available to you.
SECTION 10 – Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
SECTION 11 – SERVICE PROVIDERS
We may employ third party companies and individuals to facilitate our Service, provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
SECTION 12 – ANALYTICS
We may use third-party service providers to monitor and analyze the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
SECTION 13 – BEHAVIORAL REMARKETING
Google Ads (AdWords)
Google Ads (AdWords) remarketing service is provided by Google Inc.
You can opt-out of Google AdWords for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Facebook remarketing service is provided by Facebook Inc.
You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
To opt-out from Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217
Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
SECTION 14 – PAYMENTS
We will not store your payment card details internally, but that information is provided directly to our third-party service providers. We require them to treat your personal information in at least as secure a manner as we do. These service providers store your card details for monthly billing and other purchases and adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact us at firstname.lastname@example.org.