Last Updated: February 28, 2022
Please read carefully.
PERSONALLY IDENTIFIABLE INFORMATION COLLECTED
The categories of personally identifiable information we may collect and have collected about you within the past 12 months include:
- Identifiers - Including without limitation your real name, alias, account name, online identifier, Internet Protocol address, unique identifiers, email address, postal address, billing address, phone number, birthdate, social media handle or moniker, or other similar identifiers.
- Payment Data – Including without limitation your credit card information, billing address or any financial information you provide in connection to your purchase of our product
- Legally Protected Characteristics – Including without limitation, your age and gender.
- Commercial Information - Including without limitation our products you purchased, obtained, considered, or returned and promotions, sweepstakes, contests, and other programs you participated in.
- Audio and Visual Information – Including without limitation images or recordings of you if you attend one of our promotional and marketing offline events and any voice recordings that you voluntarily leave on voice mailboxes or that we may collect when you call customer services.
- Inferences Drawn About Your Preferences – Including without limitation your preferences and interests, characteristics, behaviors on and offline, purchase patterns, and other inferences drawn from information we collect from you.
- Other Categories of Personally Identifiable Information that Relates to or is Reasonably Capable of Being Associated with You - Including without limitation the messages and other content you send us (e.g., feedback and reviews of our products or questions and information you provide to our staff and customer services) and information we collect from you if you interact with us on other Platforms, such as Facebook, Instagram, Twitter, Snapchat, TikTok, and other social media or interactive pages.
- Data About Others – Including without limitation personally identifiable information of individuals for whom you refer to us or purchase an item or gift for, such as their real name, email address, phone number, and postal address. Please do not share personally identifiable information of other individuals with us unless you have their permission to do so.
HOW INFORMATION IS USED
We use personally identifiable information and non-personally identifiable information in a variety of ways, including without limitation to:
- Operate and improve our Sites, customer service, or product and service offerings;
- Personalize and improve your experience on our Sites (e.g., your information helps us to better respond to your individual needs);
- Respond to comments and questions and provide customer service (e.g., your information helps us to effectively respond to your customer service requests and support needs);
- Operate and maintain our promotions, contests, sweepstakes, and other programs;
- Provide products and tailored content, services, advertisements, and offers to you;
- Administer and manage your account or membership to one or more of our marketing programs;
- Verify your identity and prevent fraud;
- Perform our contractual obligations to you, including without limitation fulfilling product orders and Cay Skin subscription replenishments;
- Conduct research and analytics and create aggregated, pseudonymized, or anonymized information for statistical purposes, internally and in connection with our affiliates;
- Post your content and consumer reviews on the Sites, our social media pages, Platforms, and other related third-party sites that may feature our brand and products;
- Comply with applicable laws;
- Enable you to interact with third-party content service providers, whether by linking to their sites, viewing their content within our online environment, or by viewing our content within their online environment;
- Conduct audits related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
- Detect security incidents, protect you against malicious, deceptive, fraudulent, or illegal activity and prosecute those responsible for that activity;
- Debug to identify and repair errors that impair existing intended functionality; and
- Fulfilling any other business or commercial purposes at your direction or with your consent.
We collect certain aggregate and non-personally identifiable information when you visit our Sites. Aggregate and non-personally identifiable information does not relate to a single, identifiable visitor. It tells us how many users visited our Sites or the pages accessed. By collecting this information, we learn how to best tailor our Sites to our visitors. We collect this information through a “cookie” and other technologies, as explained below.
The types of cookies and similar technologies we use:
- Strictly necessary cookies that are required for the operation of our Sites, such as cookies that enable you to log into your account or make purchases, or cookies that enable us to comply with the law (for example, to keep your information safe). We would not be able to operate our Sites without using “strictly necessary” cookies.
- Performance cookies which recognize and count the number of users to our Sites and help us see how users move around our Sites. These cookies do not collect information that personally identifies a visitor. We only use such information to improve our Sites. This information helps us to find out how well our Sites are working and highlights where it can be improved.
- Functionality cookies which are used to recognize when you return to our Sites and assist us to personalize your content and Site experience by remembering your preferences. By using our Sites, you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings (please see below).
- Targeting cookies and web beacons/tracking pixels which are used to record your visit to our Sites, the pages you have visited and the links you have followed. These cookies and tracking pixels are used by operators of third-party advertising networks such as Google and Facebook to advertise relevant products to you on the internet, based on the products and categories you looked at or purchased on our website. Our website currently uses tracking pixels with third parties such as Google and Facebook for marketing and remarketing purposes. This technology allows those third parties to collect information when you access our Sites, including the products on our Sites you have viewed, whether you have made a purchase and, if you make a purchase, the details of the transaction including products bought and amount of the sale. The third-party providers are able to identify specific users of their platforms through the ID number used in their tracking pixels. This information allows those providers to tailor what marketing material you are shown through those platforms and when browsing the internet. We also receive aggregated reports from those third parties in relation to our advertising campaigns, including de-identified information about the number of users who were shown our advertising campaigns and subsequently purchased our products. These reports use aggregated information and do not allow Cay Skin to identify specific individuals from those transactions. If you do not want to allow such information sharing between Cay Skin and those third-party advertising networks by using targeting cookies and tracking pixels on your device, you can deactivate targeting cookies and tracking pixels through your user settings in your internet browser or in the respective third-party platforms directly.
SHARING OF PERSONALLY IDENTIFIABLE INFORMATION
The categories of entities to whom we disclose and have shared information within the last 12 months, include:
- Service Providers - Cay Skin shares information with entities that help us to maintain and operate our Sites and business. Our service providers include without limitation our payment processors, IT vendors, advertising networks, internet service providers, data analytic providers, marketing providers, transportation and logistics providers, external auditors and advisors and other third parties that support our business. These companies may only use such information to perform those functions and may not use it for any other purpose, although we may permit them to use aggregate information which does not identify you or de-identified data for any purpose except as prohibited by applicable law.
- Vendors - We may share information with vendors and other entities in connection with tailoring advertisements, measuring, and improving our Sites and advertising effectiveness, processing your specific requests, and enabling other enhancements to our products, services, and offline events. These companies may act as our service providers, or in certain contexts, independently decide how to process your information.
- Promotional Partners - If you voluntarily enroll in one of our marketing programs, we may share information to third parties who help us provide and operate our marketing program offerings. This includes without limitation sharing your information with our service providers that maintain our e-newsletters, our third-party partners (or their service providers) participating in our promotions, or other third parties for administrative purposes.
- Social Networks – We may obtain your information from a Platform if you interact with us on such Platforms (e.g., you comment on our Instagram or Facebook post) and may share any posts or content that you have tagged us on or that are related to our products and services in our Sites or accounts on Platform.
- Affiliates - We may share information with our related entities including without limitation our parent, subsidiaries, sister companies, or co co-branded affiliates, or to their employees, agents, contractors, representatives, legal counsel and/or accountants, for: operational, management and administrative purposes; internal audit, legal, regulatory, security, insurance, financial, processing and other similar purposes; to aggregate research data and analytics and create pseudonymized or anonymized information for statistical and marketing purposes; or as otherwise permitted or required by law.
- Third Parties in Connection with a Merger, Acquisition or Other Business Transaction - We may share information if Cay Skin is involved in a merger, acquisition, sale of all or a portion of its assets, financings, joint ventures, reorganization, dissolution, liquidation, or other event where we sell or transfer all or a portion of our business assets or equity. We will not provide you with notice before disclosure in such cases.
- Third Parties for Security and Compelled Disclosure Purposes - Cay Skin must disclose information about you in response to lawful requests by public authorities, including but not limited to meet national security or law enforcement requirements. We may share information about you in connection with legal requirements, such as in response to an authorized subpoena or when we believe in good faith that disclosure is necessary to protect our rights, to protect your safety or the safety of others, or to investigate fraud. Such disclosures may be carried out without notice to you.
- Third Parties that You Direct Us to Share With - We share information at your request or direction, such as when you purchase a gift and direct us to disclose to the recipient who purchased the gift. We may also share your information with notice and as required by applicable law, with your consent.
We may use third-party companies to serve advertisements, measure the performance and engagement with our ads, provide analytic, preference, and interest information, and administer some of our marketing programs. In some instances, these ad network providers, social platforms, sponsors, and/or service providers may use their own tracking technology to capture information about your device, use and engagement online.
We may recognize your information across different devices that you use or log in from (e.g., computers or mobile devices). We may recognize that one cookie ID (e.g., from a computer) may be connected to another device (e.g., smart phone) by the device ID or log in. This may result in you searching for one of our products on one device but seeing an advertisement later for that product on another device. By knowing what devices are being used by a person or household helps us limit the number of times you may see the same advertisement across different devices.
You can specify your preferences over the use of some of these technologies by changing your preferences regarding cookie collection via changes to your web browser. Additionally, you can manage third-party advertising preferences for some of the third parties we work with that serve advertising across the internet by using the choices available at www.networkadvertising.org/managing/opt_out.asp and www.aboutads.info/choices. We do not guarantee that all of the third parties we work with will honor the elections you make using those options, but we strive to work with third parties that do. Some Platforms (e.g., Facebook) allow you to exercise ad choices, limit data collection and clear your history on that Platform as well.
Our Sites are intended for general audiences and are not directed to anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you become aware that a child has provided us with personally identifiable information without parental consent, please contact us at firstname.lastname@example.org. If we become aware that a child under 18 has provided us with personally identifiable information without parental consent, we will take reasonable steps to remove such information and terminate the child’s account.
HOW WE PROTECT YOUR PERSONALLY IDENTIFIABLE INFORMATION
Cay Skin implements reasonable practices to protect your personally identifiable information from unauthorized access, use, disclosure, or destruction. No data transmission or electronic storage is infallible. Therefore, Cay Skin cannot guarantee or warrant the security of the personally identifiable information that you transmit to Cay Skin.
WHAT CHOICES DO YOU HAVE OVER HOW YOUR INFORMATION IS USED?
In this section, we describe the rights and choices available to all users.
- Access or Update Your Account Information - If you registered for an account with us, you may review and update certain personally identifiable information in your account profile by logging into your account and editing your account and billing information.
- Opt Out of Marketing Communications - You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions located at the bottom of the email. You may continue to receive service-related and other non-marketing emails (e.g., emails confirming your online orders). If you receive marketing text messages from us, you may opt out of receiving further marketing text messages from us by replying STOP to our marketing message.
- Cookies - Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings.
- Do-Not-Track - Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
- Privacy Settings and Location Data - Users of our Sites can disable our access to their device’s precise geolocation in their electronic device settings.
- Choosing Not to Share Your Personally Identifiable Information - We do not require you to register or provide personally identifying information to view our Sites or access much of its content. However, there are certain instances where we need your information to provide you with certain services or provide you access to certain features of our Sites (e.g., to process your online orders). In addition, if you terminate your account or membership to one or more of our marketing programs, or if you choose not to join, you may not be able to benefit from the discounts, free sample, gifts, free shipping or other benefits offered to customers through such marketing programs.
CALIFORNIA RESIDENTS: YOUR CALIFORNIA PRIVACY RIGHTS
California residents have specific rights regarding their “personal information” (as such term is defined under the California Consumer Privacy Act (“CCPA”)). These rights are subject to certain exceptions. When required, we will respond to most requests within 45 days, unless it is reasonably necessary for us to extend our response time.
- Right to Know About Personal Information That is Collected or Disclosed - You have the right under the CCPA to request that we disclose certain information regarding our practices with respect to your personal information. If you submit a valid and verifiable request and we confirm your identity and/or authority to make the request, we will disclose to you any of the following at your direction:
- The categories of personal information we have collected about you in the last 12 months.
- The categories of sources for the personal information we have collected about you in the last 12 months.
- Our business or commercial purpose for collecting personal information.
- The categories of third parties with whom we share personal information.
- The specific pieces of personal information we collected about you.
- If we disclosed your personal information to a third party for a business purpose, a list of the personal information types that each category of recipient received.
- Right to Request Deletion of Personal Information - You have the right under the CCPA to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. If you submit a valid and verifiable request and we can confirm your identity and/or authority to make the request, we will delete all information that we are not allowed to maintain under applicable law.
- How to Exercise the Above Rights - To exercise your rights described above, please submit a verifiable consumer request by contacting us. You may make a verifiable consumer request no more than two times within a 12 month period. The verifiable request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Such verification process will involve you confirming at least three pieces of personal information we have collected about you, and will increase in scope in the event the nature of your request relates to the disclosure of sensitive personal information or the deletion of any personal information;
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it; and
- Include a statement that you “declare under penalty of perjury that you are the person about whom the Right to Know/Delete request has been made.”
- Right to Appoint an Authorized Agent - You are also permitted to designate an authorized agent to submit the above requests on your behalf. For an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity according to the above method before processing the authorized agent’s request.
- Right to Non-Discrimination for Exercising Privacy Rights - You may exercise your rights under the CCPA without discrimination.
- Notice of Financial Incentive - We may offer price discounts, coupons, services and other perks for members of our SMS Program (as defined below), e-newsletter, or subscription membership program, or other marketing program. In order to participate in such programs, we may ask you to disclose certain personal information (e.g., your name, email address, and mailing address) and may share such information to our service providers who help administer our programs. While membership to these programs is optional (you must opt-in on our Sites and can terminate at any time by contacting us), the collection of personally identifiable information to create and maintain accounts and communications and to monitor and administer program-related activities, could be characterized as a “financial incentive” under the CCPA given that we provide member-only benefits. To the extent California law requires that a value be assigned to the personal information collected from such programs, we value personal information collected and used in connection to our programs as the equivalent to our good-faith estimate of the cost of administering the relevant program for which the information was collected, the details of which we maintain as a trade secret. This description is without waiver of any proprietary or business confidential information, and it does not constitute any representation with regard to generally accepted accounting principles or financial accounting standards.
- Right to Opt Out of Sale of Personal Information - Although we do not sell your personal information that is collected through our Services to third parties for any monetary consideration, under the CCPA, “sale” is broadly defined to mean the sharing of personal information with third parties who are not acting as our service providers or who are otherwise not restricted from using data only on our behalf or pursuant to an applicable CCPA exception. Under the CCPA, “sale” may include us sharing information with our affiliates or allowing third parties to “collect” certain information, such as IP address, and/or browsing behavior, through cookies and similar technologies, on our Services. If you would like to opt out of our use of your personal information for such purposes that are considered a “sale” under the CCPA, you may do so by following instructions set forth on the webpage entitled: “Do Not Sell My Personal Info”. You acknowledge that any election to opt out of a sale of personal information in connection with our Service will only cover the personal information obtained through your use of our Service and does not cover the personal information that may be collected outside of our Site from our affiliates or third parties.
- Direct Marketing and Do Not Track Signals - Under California’s “Shine the Light” law, California residents may request and obtain a notice once a year about the personal information we shared with other businesses for their own direct marketing purposes. Such a notice will include a list of the categories of personal information that were shared (if any) and the names and addresses of all third parties with which the personal information was shared (if any). The notice will cover the preceding calendar year. To obtain such a notice, please contact us as described below. In addition, under this law you are entitled to be advised how we handle “Do Not Track” browser signals. Cay Skin does not personally track its users over time and across third-party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third-party websites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such websites, most web browsers (like Safari) allow you to set the DNT signal on your browser so third parties (particularly advertisers) know you do not want to be tracked.
- Electronic Commerce. In accordance with California Civil Code Sec. 1789.3, California resident users are entitled to know that they may file grievances and complaints regarding the Site with the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs, in writing at 1625 North Market Blvd., Sacramento, California 95834, by telephone at (916) 445-1254 or (800) 952-5210, or by email to email@example.com.
NEVADA RESIDENTS: YOUR NEVADA PRIVACY RIGHTS
Nevada law (SB 220) requires website operators to provide a way for Nevada consumers to opt-out of the sale of certain information that the website operator may collect about them. Cay Skin does not sell your personally identifiable information to third parties as defined in Nevada law, and will not do so without providing you with notice and an opportunity to opt-out of such sale as required by law. If you have any questions regarding our data privacy practices or our compliance with Nevada data privacy law, please contact us via the methods listed under “HOW TO CONTACT US” below.
We may limit the availability of our Sites to any person or geographic area at any time. If you access our Sites from outside the United States, you do so at your own risk.
IF YOU ARE A USER ACCESSING OUR SITES FROM ANY OTHER COUNTRY WITH LAWS OR REGULATIONS GOVERNING PERSONAL DATA COLLECTION, USE AND DISCLOSURE THAT DIFFER FROM THE LAWS OF THE UNITED STATES, PLEASE BE ADVISED THAT THROUGH YOUR CONTINUED USE OF OUR SITES, YOU ARE TRANSMITTING YOUR PERSONAL DATA TO THE UNITED STATES AND YOU CONSENT TO THAT TRANSMISSION. ADDITIONALLY, YOU UNDERSTAND THAT YOUR PERSONALLY IDENTIFIABLE INFORMATION MAY BE TRANSMITTED TO AND PROCESSED IN COUNTRIES (INCLUDING THE UNITED STATES) WHERE LAWS REGARDING PROCESSING PERSONALLY IDENTIFIABLE INFORMATION MAY BE LESS STRINGENT THAN IN YOUR COUNTRY.
SMS/MMS MOBILE MESSAGING MARKETING PROGRAM
If you choose, you can provide your mobile phone number to receive text message alerts from us to receive product and/or event information, tips or promotions (the “SMS Program”). You agree that by providing your mobile phone number you expressly consent to receive automated marketing text messages from us to the mobile phone number provided. We will use the information you provide through the SMS Program to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, and other vendors and service providers who assist us in the delivery of mobile messages. Text messages are distributed via third-party mobile network providers and, therefore, we cannot control certain factors relating to message delivery. Depending on the recipient’s mobile carrier, it may not be possible to transmit the text message to the recipient successfully; nor is content available on all carriers. We do not claim or guarantee availability or performance of the SMS Program’s services, including liability for transmission delays or message failures. WE DO NOT SELL, RENT, LOAN, TRADE, LEASE, OR OTHERWISE TRANSFER FOR PROFIT ANY PHONE NUMBERS OR CUSTOMER INFORMATION COLLECTED THROUGH THE SMS PROGRAM TO ANY THIRD PARTY. Nonetheless, we reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect our rights or property. When you complete forms online or otherwise provide us information in connection with the SMS Program, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in our sole discretion, we believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the SMS Program for an ulterior purpose, we may refuse you access to the SMS Program and pursue any appropriate legal remedies.
If you sign up for our SMS Program, cookies may be used to personalize your experience (e.g. send you personalized text messages such as shopping cart reminders).
You can opt out from further text marketing communications by texting STOP to the SMS number used by Cay Skin, or its third-party service provider, to contact you.
Rakuten Affiliate Network
Rakuten Advertising may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use and sale of your personal data and your rights, please use the below links.”
In the event that we determine that a data security incident rising to the level of a breach has occurred, we will notify you as set forth in relevant laws.
CONSUMERS WITH DISABILITIES
HOW TO CONTACT US
382 Northeast 191st St.
Miami, FL 33179Attn: Website Administrator