Okay, got it! (Make this a button)
You can consent to the use of such cookies or similar technologies by closing this notice, by interacting with any link or button outside of this notice, or by continuing to browse otherwise.
Effective Date: August 20, 2020
Date of Last Revision: August 20, 2020
We are eyelash extension professionals that provide eyelash extension services including, but not limited to eyelash extension courses and products. In this Policy, these are collectively referred to as our Services.
Our Services are owned and operated by Million Lashes LLC, a Florida Limited Liability Corporation. By visiting our website and related applications, whether on a computer, phone, tablet, or similar device (these are all referred to as a “Device”), you are accepting the practices described below. We have appointed a representative and internal data protection officer ("DPO") for you to contact if you have any questions or concerns about our Policy. You can reach out to our DPO at email@example.com.
This Policy provides a general overview of our privacy practices.
When you access or use our Services, we collect information from and about you to provide a more personalized and relevant experience. Some information we collect automatically. Other information we collect from different sources, including business partners and other independent third-party sources. When you use our Services by “clicking-through” from a third-party site or when you visit third-party sites via our Services, those third-party sites may share information with us about your use of their service. Information collected may include the following:
- Contact information, including name, phone number, Instagram username/handle, and email addresses
- Billing or payment information (such as your credit card number, cardholder name, expiration date, authentication code, and billing address)
- User name and password
- Photos, forum and social posts, questions, comments, and videos you may have provided to us
- Geolocation/ location information
- Device information, such as when you accessed our Services and information about the Device used (for example, IP address, software or internet browser used, preferred languages, unique Device identifiers and advertising identifiers)
- Online activity, including pages, content, and applications you have visited
- Purchasing history
We may use your location information directly and/or share your location with third-parties. We collect and share location information in order to provide you with relevant content, to analyze your use of our Services, to improve our Services and to provide contextual advertising or recommendations.
You can change the privacy settings of your Device at any time in order to turn off the functionality that collects and shares location information. However, turning off location-sharing may affect certain features we offer. If you have any questions about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.
We are committed to providing you with relevant content on our Services and respect the data privacy laws of the different jurisdictions which we operate in. We use information about you so we can help you enjoy and use our Services, including in the following ways:
- Register and manage your account, including to allow you access to and use of our Services
- Facilitate your use of our Services, including the purchase of products and courses and the viewing of training courses and webinars
- Measure interest in and improve our Services
- Notify you about special offers and products or services available from us or our partners that may be of interest to you
- Communicate with you
- Enable communication between registered users and owners/representatives of listings on our Services
- Enable us to publish your forum posts, questions, comments, photos, videos and other content
- Customize your experience, including customizing the ads shown to you on our Services and across the internet
- Make inferences about your interests or preferences
- Provide you with an optimized experience
- Respond to your questions and comments
- Resolve disputes or troubleshoot problems
- Prevent potentially prohibited or unlawful activities
Please note some information about you is required in order for us to provide you with relevant offerings from us, our affiliates, and our partners and to enable you to enjoy other benefits of being a registered user.
In order to provide some of our Services, we may need to share information with certain other third-parties, in the following circumstances:
- Suppliers. We share information with certain suppliers used to facilitate our Services, including to help with transactions, such as any products or courses you might purchase.
- Business Partners. We may share information about you, your Devices and your use of our Services with our trusted business partners. For example, we may share information so that we can provide you with relevant content or in order to facilitate payment for products or services you may purchase on the websites of our partners. This sharing is generally pursuant to written agreements which include confidentiality, privacy and security obligations; however, note that we do not control the privacy practices of these third-party business partners.
- Social Media Sites. When you use our Services and elect to share information with third-party social media sites, the information you share will be governed by the privacy policies of those social media sites and the privacy settings you have set with those social media websites.
- Advertising Networks. We sometimes collect and share information about your interests with advertising networks. Some of these companies are members of the Network Advertising Initiative, or the Digital Advertising Alliance, which offer a single location to opt-out of ad targeting from member companies. To learn more, please click here.
- Other third-parties, such as referring websites. Third-parties may also assist us in collecting information by, for example, operating features of our website or facilitating the delivery of online advertising tailored to your interests. We may share audience segments and other information with third-parties that use that information for tailored advertising to you.
Third-parties may only collect or access information as needed to perform their permitted functions.
Certain Device operating system versions permit you to opt out of certain types of information sharing, including to certain advertising networks. Please check your Device settings if you want to limit such tracking.
If we transfer your information to other countries, we will use and protect that information as described in this Policy and in accordance with applicable law.
We have implemented appropriate administrative, technical, and physical security procedures to help protect your information.
We only authorize specific employees to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.
We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.
Do Not Track Signals
Our website is not designed to currently respond to “Do Not Track” (“DNT”) signal requests from browsers. This is due to the lack of global standardized interpretation that defines “Do Not Track” signals. Once the industry has settled on standards related to this issue, we may re-evaluate this approach.
What are cookies?
The cookies we use fall into three categories.
These cookies are necessary to help you access and move around the website and use all its features. Without these cookies, the website would not work properly and you would not be able to use certain important features. For example, we use a cookie to keep you logged in during your visit, so the site does not require you to log in repeatedly to access different pages. We may also use essential cookies for fraud detection and prevention purposes.
Analytics and customization
We use these cookies to help us understand how the website is being used and how we can improve your experience on it. These cookies can provide us with information to help us understand which parts of the website interest our visitors and if they experience any errors. We use these cookies to test different designs and features for our sites and we also use them to help us monitor how visitors reach the website.
Advertising cookies help ensure that the advertisements you see are as relevant to you as possible. For example, some advertising cookies help select ads that are based on your interests. Others help prevent the same ad from continuously reappearing for you.
We also work with third-party advertisers to give you access to content that might be of interest, and may set cookies on our Services to provide you with advertising that matches your interests and preferences. These "third-party cookies" collect information about your browsing behaviour and interaction with ads or the Services more generally. This information also helps us limit the number of times you may see the same ads and improve your online experience.
You can manage cookies through the settings of your internet browser. You can have the browser notify you when you receive a new cookie, delete individual cookies or delete all cookies.
If you delete your cookies, your access to some functionality and areas of our Services might be degraded or restricted.
Our use of any information we collect through cookies is subject to this Policy.
Statement Changes and Notification
We may update this Statement in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Policy on the website. We will note at the top of this Policy when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Policy for the latest information on our privacy and cookie practices
Children Under the Age of 18
Our Services are not intended for children under 18 years of age. No one under age 18 may provide any information to the Services. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of our Services or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any handle or username you may use. If we learn we have collected or received personal information from a child under 18, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at firstname.lastname@example.org.
If you have a data privacy request, such as a request to delete or access your data, please contact our DPO at email@example.com. For general data privacy inquiries or questions concerning our Policy, please contact our DPO at firstname.lastname@example.org.
General Data Protection Regulation Privacy Statement (“GDPR Statement”)
This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Policy; however, where the Policy conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons in the EEA.
Your rights under GDPR
You have certain rights regarding your personal data.
Your rights with respect to your own personal data include the following:
- The right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you.
- The right to request to correct your personal data if it is inaccurate. You may also supplement any incomplete personal data we have, taking into account the purposes of the processing.
- The right to request deletion of your personal data if:
- your personal data is no longer necessary for the purposes for which we collected or processed them; or
- you withdraw your consent if the processing of your personal data is based on consent and no other legal ground exists; or
- you object to the processing of your personal data and we do not have an overriding legitimate ground for processing; or
- your personal data is unlawfully processed; or
- your personal data must be deleted for compliance with a legal obligation.
- The right to object to the processing of your personal data. We will comply with your request, unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal data to establish, exercise or defend a legal claim.
- The right to restrict the processing of personal data, if:
- the accuracy of your personal data is contested by you, for the period in which we have to verify the accuracy of the personal data; or
- the processing is unlawful and you oppose the deletion of your personal data and request restriction; or
- we no longer need your personal data for the purposes of processing, but your personal data is required by you for legal claims; or
- you have objected to the processing, for the period in which we have to verify overriding legitimate grounds.
- The right to data portability. You may request that we send this personal data to a third-party, where feasible. You only have this right if it relates to personal data you have provided to us where the processing is based on consent or necessity for the performance of a contract between you and us, and the processing is conducted by automated means.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise your rights by filing a request by emailing email@example.com.
We will only use your personal data when the law allows us to.
Pursuant to GDPR, we will use your personal data in one or more of the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you
- Where it is necessary for our legitimate interests (or those of a third-party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
- With your consent
Your personal data may be stored or transferred to countries outside the EEA for the purposes described in this Statement. When we store or transfer your personal data outside the EEA, we take the following precautions to ensure that your personal data is properly protected.
Whenever we store or transfer your personal data outside the EEA, we will do so in accordance with applicable law and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal data are made:
- to a country recognised by the European Commission as providing an adequate level of protection; or
- to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.
By using our services, you understand that your personal data may be transferred to our facilities and those third-parties with whom we share it as described in this Policy.
California Consumer Privacy Act Privacy Statement (“CCPA Statement”)
This CCPA Statement is provided pursuant to the California Consumer Privacy Act (“CCPA”) and applies to California residents and supplements our overall Statement with additional disclosures and rights.
Your rights under CCPA
As of January 1, 2020, California law permits residents of California to request certain details about how their personal information is shared with third-parties or affiliated companies for direct marketing purposes.
California residents may also take advantage of the following rights:
- You may request, up to two times each year, that we disclose to you the categories and specific pieces of personal information that we have collected about you, the categories of sources from which your personal information is collected, the business or commercial purpose for collecting your personal information, the categories of personal information that we disclosed for a business purpose, any categories of personal information about you that we sold, the categories of third-parties with whom we have shared your personal information, and the business or commercial purpose for selling your personal information, if applicable.
- You may request that we delete any personal information that we have collected from or about you. As described in more detail in our Policy, there are some reasons we will not be able to fully address your deletion request, such as if we need to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation.
- You may request to opt out of our sale of your personal information to third-parties for their direct marketing purposes. This means that, if you opt out, going forward, we will not share your information with such third-parties to use for their purposes unless you later direct us to do so. To effect the opt out, please submit a request in writing to the contact information below.
To take advantage of your disclosure and deletion rights, please contact us at firstname.lastname@example.org. We may need to verify your identity to enable us to process your request. We value your privacy and will not discriminate in response to your exercise of privacy rights. We will respond to your request within 45 days of receipt of your request, after proper verification, unless we need additional time, in which case we will let you know.
For purposes of compliance with the CCPA, in addition to the further details as described in the Statement, we make the following disclosures:
- We collect the following categories of personal information: Identifiers/Contact Information, transactional information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.
- We disclose the following categories of personal information for a business purpose: Identifiers/Contact Information, commercial information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.
Under Nevada law, certain Nevada consumers may opt out of the sale of "personally identifiable information" for monetary consideration (as such terms are defined under Nevada law) to a person for that person to license or sell such information to additional persons. We do not engage in such activity; however, if you are a Nevada resident who has purchased services from us, you may submit a request to opt out of any potential future sales under Nevada law by contacting us at email@example.com.. Please note we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.